[Puppet-dev] Feature #1556: A type and provider for editing /etc/hosts.allow

[Kelsey Hightower]

Puppet::Type.newtype(:tcpwrapper) do
    @doc = "Manages tcpwarppers hosts.allow and hosts.deny entries.
    The entry will be placed in /etc/host.allow when 'allow => true'
or 'deny => false'
    The entry will be placed in /etc/host.deny when 'deny => true' or
'allow => false'
    Default action is to append the entry to /etc/host.allow

    Examples::

        tcpwrapper { ALL:
            allow         => true,
            daemon        => \"ALL\",
            except_daemon => [vsftpd, sshd]
            host          => \"ALL\"
            except_host   => [cracker.domainname.com, 24.123.45.12],
        }

        tcpwrapper { vsftpd:
            allow  => true,
            daemon => sshd,
            host   => [192.168.1.22, 72.13.2.34, trusted.domain.com],
            spawn  => '/bin/echo $(/bin/date) access from %h >> /var/
log/ftp-access.log'
        }

        tcpwrapper { vsftpd:
            deny   => true,
            daemon => sshd,
            host   => [24.123.45.12, cracker.domain.com],
            twist  => '/bin/echo \"Access to %d has been denied for $a
\"'
        }
    "

    ensurable

    newparam(:name) do
        desc "The name of the resource"
    end

    newparam(:allow) do
        desc "Whether to allow access. Line will be appened to /etc/
hosts.allow"
    end

    newparam(:deny) do
        desc "Whether to deny access. Line will be appened to /etc/
hosts.deny"
    end

    newparam(:file) do
        desc "The file to examine (and possibly modify) for the acl"
    end

    newparam(:line) do
        desc "The acl to add or remove"
    end

    newproperty(:daemon, :array_matching => :all) do
        desc "A list of one or more service daemons"
    end

    newproperty(:host, :array_matching => :all) do
        desc "A list of one or more hostnames, ipaddresses, or
networks"
    end

    newproperty(:spawn) do
        desc "Child process to be launched in the background"
    end

    newproperty(:twist) do
        desc "Command to run in place of the requested service"
    end

    newproperty(:except_daemon, :array_matching => :all) do
        desc "A list of one or more daemons to exclude from wildcard
matches"
    end

    newproperty(:except_host, :array_matching => :all) do
        desc "A list of one or more hostnames, ipaddresses, or
networks to exclude from wildcard matches"
    end

end
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Developers" group.
To post to this group, send email to puppet-dev@googlegroups.com
To unsubscribe from this group, send email to 
puppet-dev+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---