diff options
Diffstat (limited to 'salt/profile/seccheck')
-rw-r--r-- | salt/profile/seccheck/files/etc/security/autologout.conf | 9 | ||||
-rw-r--r-- | salt/profile/seccheck/files/etc/sysconfig/seccheck | 4 | ||||
-rw-r--r-- | salt/profile/seccheck/init.sls | 20 |
3 files changed, 33 insertions, 0 deletions
diff --git a/salt/profile/seccheck/files/etc/security/autologout.conf b/salt/profile/seccheck/files/etc/security/autologout.conf new file mode 100644 index 0000000..e910a29 --- /dev/null +++ b/salt/profile/seccheck/files/etc/security/autologout.conf @@ -0,0 +1,9 @@ +{%- set header = salt['pillar.get']('managed_header_pound') -%} +{{ header }} +TTY_TIMEOUT=60 +DEFAULT_DELAY=60 +KILL_WAIT=20 + +LOGOUTCONF=( +"ssh idle:720 delay:30" +) diff --git a/salt/profile/seccheck/files/etc/sysconfig/seccheck b/salt/profile/seccheck/files/etc/sysconfig/seccheck new file mode 100644 index 0000000..86eb9af --- /dev/null +++ b/salt/profile/seccheck/files/etc/sysconfig/seccheck @@ -0,0 +1,4 @@ +{%- set header = salt['pillar.get']('managed_header_pound') -%} +{{ header }} +SECCHK_USER="root" +START_SECCHK="yes" diff --git a/salt/profile/seccheck/init.sls b/salt/profile/seccheck/init.sls new file mode 100644 index 0000000..eed0c57 --- /dev/null +++ b/salt/profile/seccheck/init.sls @@ -0,0 +1,20 @@ +seccheck_packages: + pkg.installed: + - pkgs: + - seccheck + +seccheck_files: + file.managed: + - user: root + - mode: '0644' + - template: jinja + - names: + - /etc/sysconfig/seccheck: + - source: salt:///{{ slspath }}/files/etc/sysconfig/seccheck + - /etc/security/autologout.conf: + - source: salt:///{{ slspath }}/files/etc/security/autologout.conf + +seccheck_service: + service.running: + - name: seccheck-autologout.timer + - enable: True |