puppet – 在带有日志记录的systemd中禁用ctrl alt delete
发布时间:2020-12-14 23:05:00 所属栏目:资源 来源:网络整理
导读:我正在尝试更新一些在RHEL机器上禁用CAD的Puppet清单. 现在我正在使用systemd上的顶级方式:masking(即链接到/ dev / null) $ctrlaltdel_process = '/usr/bin/logger -p security.info "Control-Alt-Delete pressed"' # Every version of RHEL has a differe
|
我正在尝试更新一些在RHEL机器上禁用CAD的Puppet清单.
现在我正在使用systemd上的顶级方式:masking(即链接到/ dev / null) $ctrlaltdel_process = '/usr/bin/logger -p security.info "Control-Alt-Delete pressed"'
# Every version of RHEL has a different way of doing this! :)
case $::operatingsystemmajrelease {
'4','5': {
augeas { 'disable-inittab-ctrlaltdel':
context => '/files/etc/inittab',lens => 'inittab.lns',incl => '/etc/inittab',changes => "set *[action = 'ctrlaltdel']/process '${ctrlaltdelprocess}'",}
}
'6': {
file { '/etc/init/control-alt-delete.conf':
ensure => file,content => $ctrlaltdel_process,}
}
'7': {
file { '/etc/systemd/system/ctrl-alt-del.target':
ensure => 'link',target => '/dev/null',}
}
default: {
fail("Module ${module_name} is not supported on this ${::operatingsystemmajrelease}")
}
}
正如您所看到的,在其他系统上,我实际上正在编写一个安全日志,说CAD已被按下,但我不会用systemd机器来获取它. 我喜欢在日志中实际拥有陷阱的想法,以便我们可以追踪人们是否正在这样做. 有人可以给我一个示例systemd配置文件的ctrl alt删除,它会做同样的事情吗? 解决方法# ctrl-alt-del.target [Unit] DefaultDependencies=no # Do not affect the system through dependencies Requires=ctrl-alt-del.service StopWhenUneeded=yes # ctrl-alt-del.service [Service] DefaultDependencies=no # Do not affect the system through dependencies Type=oneshot ExecStart=/usr/bin/logger -p security.info "Control-Alt-Delete pressed" (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |