Skip to content
This repository has been archived by the owner on Jun 30, 2021. It is now read-only.

RFE : Cope with RHEL8 (audit 3.x) and its lack of audisp #63

Open
stevekay opened this issue Aug 3, 2019 · 1 comment
Open

RFE : Cope with RHEL8 (audit 3.x) and its lack of audisp #63

stevekay opened this issue Aug 3, 2019 · 1 comment

Comments

@stevekay
Copy link

stevekay commented Aug 3, 2019

The audit package on RHEL7 came with various /etc/audisp directories.

[steve@rhel-7-puppet ~]$ rpm -q audit
audit-2.8.4-4.el7.x86_64
[steve@rhel-7-puppet ~]$ rpm -ql audit|grep "^/etc/audisp$"
/etc/audisp
[steve@rhel-7-puppet ~]$

With the advent of audit v3.x, the audit package on RHEL8 lacks these.

[steve@rhel-8-puppet ~]$ rpm -q audit
audit-3.0-0.10.20180831git0047a6c.el8.x86_64
[steve@rhel-8-puppet ~]$ rpm -ql audit|grep "^/etc/audisp$"
[steve@rhel-8-puppet ~]$

This leads to errors when invoking the module on RHEL8.

[steve@rhel-8-puppet ~]$ sudo /opt/puppetlabs/puppet/bin/puppet apply mysite.pp
Warning: This method is deprecated, please use the stdlib validate_legacy function,
                    with Stdlib::Compat::String. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp", 383]:["/home/steve/mysite.pp", 8]
   (location: /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:28:in `deprecation')
Warning: This method is deprecated, please use the stdlib validate_legacy function,
                    with Stdlib::Compat::Absolute_Path. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp", 385]:["/home/steve/mysite.pp", 8]
   (location: /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:28:in `deprecation')
Warning: This method is deprecated, please use the stdlib validate_legacy function,
                    with Pattern[]. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp", 386]:["/home/steve/mysite.pp", 8]
   (location: /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:28:in `deprecation')
Warning: This method is deprecated, please use the stdlib validate_legacy function,
                    with Stdlib::Compat::Integer. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp", 393]:["/home/steve/mysite.pp", 8]
   (location: /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:28:in `deprecation')
Warning: This method is deprecated, please use the stdlib validate_legacy function,
                    with Stdlib::Compat::Bool. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp", 437]:["/home/steve/mysite.pp", 8]
   (location: /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:28:in `deprecation')
Notice: Compiled catalog for rhel-8-puppet.europe-west2-c.c.automation-243819.internal in environment production in 0.20 seconds
Error: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/audispd.conf20190803-6695-1ng1c9l.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp, line: 499)
Error: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/audispd.conf20190803-6695-1ng1c9l.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp, line: 499)
Wrapped exception:
No such file or directory @ dir_s_mkdir - /etc/audisp/audispd.conf20190803-6695-1ng1c9l.lock
Error: /Stage[main]/Auditd/File[/etc/audisp/audispd.conf]/ensure: change from 'absent' to 'file' failed: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/audispd.conf20190803-6695-1ng1c9l.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/init.pp, line: 499)
Error: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/plugins.d/af_unix.conf20190803-6695-wvcpf4.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/audisp/plugin.pp, line: 30)
Error: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/plugins.d/af_unix.conf20190803-6695-wvcpf4.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/audisp/plugin.pp, line: 30)
Wrapped exception:
No such file or directory @ dir_s_mkdir - /etc/audisp/plugins.d/af_unix.conf20190803-6695-wvcpf4.lock
Error: /Stage[main]/Auditd::Audisp::Af_unix/Auditd::Audisp::Plugin[af_unix]/File[/etc/audisp/plugins.d/af_unix.conf]/ensure: change from 'absent' to 'file' failed: Could not set 'file' on ensure: No such file or directory @ dir_s_mkdir - /etc/audisp/plugins.d/af_unix.conf20190803-6695-wvcpf4.lock (file: /etc/puppetlabs/code/environments/production/modules/auditd/manifests/audisp/plugin.pp, line: 30)
Notice: /Stage[main]/Auditd/Service[auditd]: Dependency File[/etc/audisp/audispd.conf] has failures: true
Notice: /Stage[main]/Auditd/Service[auditd]: Dependency File[/etc/audisp/plugins.d/af_unix.conf] has failures: true
Warning: /Stage[main]/Auditd/Service[auditd]: Skipping because of failed dependencies
Notice: Applied catalog in 0.23 seconds
[steve@rhel-8-puppet ~]$

If this module continues to be maintained, request that the code be revised to cater for this scenario.
@ybrock
Copy link

ybrock commented Oct 4, 2019

I couldn't agree more. Same problem here.

@igalic igalic mentioned this issue Oct 30, 2019
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ybrock @stevekay