X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fsamhain%2Ftemplates%2Fsamhainrc.erb;h=72ee42a806aad7e8be4298e5a32870fbacea5f50;hb=f0c787bbb75e0d28915124347a0e0feeb5fc40ec;hp=556ab20338e74d6bdf4e9e3d8851c5c3235ac7de;hpb=79ed057099a5991ea6228dc567a9222feb47c9b9;p=mirror%2Fdsa-puppet.git

diff --git a/modules/samhain/templates/samhainrc.erb b/modules/samhain/templates/samhainrc.erb
index 556ab2033..72ee42a80 100644
--- a/modules/samhain/templates/samhainrc.erb
+++ b/modules/samhain/templates/samhainrc.erb
@@ -110,6 +110,9 @@ file=/etc/static-clients.conf
 <% elsif classes.include?("roles::static_source") -%>
 file=/etc/static-clients.conf
 <% end -%>
+<% if classes.include?("apache2") -%>
+file=/etc/apache2/conf-available/puppet-ssl-key-pins.conf
+<% end -%>
 file=/etc/multipath/wwids
 
 #
@@ -126,9 +129,11 @@ file=/etc/init.d/.depend.start
 file=/etc/init.d/.depend.stop
 
 # These are the directories for the files we handle with puppet
-file=/etc/apache2/conf.d
+<% if classes.include?("apache2") -%>
+file=/etc/apache2/conf-available
 files=/etc/apache2/mods-enabled
 files=/etc/apache2/sites-available
+<% end -%>
 file=/etc/bacula
 file=/etc/samhain
 file=/etc/munin
@@ -175,6 +180,12 @@ file=/etc/ssh/userkeys
 file=/etc/ssh/userkeys/staticsync
 <% end -%>
 file=/etc/rsyncd
+<%- if hostname == "sibelius" then -%>
+file=/etc/tsm
+file=/etc/tsm/TSM.PWD
+<% end -%>
+file=/etc/ssl/private
+
 
 [LogFiles]
 ##
@@ -377,7 +388,6 @@ file=/etc/apt/apt.conf.d/local-recommends
 file=/etc/apt/apt.conf.d/local-pdiffs
 file=/etc/apt/apt.conf.d/local-ssl-ca-global
 file=/etc/apt/preferences.d/buildd
-file=/etc/systemd/system/puppet.service
 file=/etc/puppet/puppet.conf
 file=/etc/default/puppet
 file=/etc/default/postgrey
@@ -414,7 +424,6 @@ file=/usr/lib/nagios/plugins/dsa-update-samhain-status
 file=/etc/sudoers
 file=/etc/stunnel/puppet-ekeyd-peer.pem
 file=/etc/stunnel/puppet-ekeyd.conf
-file=/etc/sysctl.d/mmap_min_addr.conf
 file=/etc/pam.d/sudo
 file=/etc/monit/monitrc
 file=/etc/monit/monit.d/01puppet
@@ -488,6 +497,7 @@ dir=1/usr/share/puppet-dashboard/tmp/pids
 <% if classes.include?("porterbox") %>
 file=/etc/cron.weekly/puppet-mail-big-homedirs
 <% end -%>
+file=/etc/ssl/private/*.key-certchain
 
 [IgnoreNone]
 ##
@@ -825,6 +835,11 @@ SyslogSeverity=alert
 #
 # SetDefault = no
 
+<% if @lsbmajdistrelease >= '9' -%>
+[PortCheck]
+PortCheckActive=0
+<% end -%>
+
 
 #####################################################
 #