0-change sugar
Change-Id: I9af080df6c3bfead65ac4c026408c7cc086bcf25
diff --git a/auditd/audisp.sls b/auditd/audisp.sls
index e735641..d7eaf4b 100644
--- a/auditd/audisp.sls
+++ b/auditd/audisp.sls
@@ -9,7 +9,7 @@
pkg.installed:
- names: {{ audisp.pkgs }}
-{%- for plugin, plugin_params in audisp.plugins.items() %}
+ {%- for plugin, plugin_params in audisp.plugins.items() %}
{{ audisp.config_path }}/{{ plugin }}.conf:
file.managed:
- source: salt://auditd/files/audisp.plugin.conf
@@ -23,5 +23,5 @@
- pkg: audisp_packages
- watch_in:
- service: auditd_service
-{%- endfor %}
+ {%- endfor %}
{%- endif %}
diff --git a/auditd/files/auditd.conf b/auditd/files/auditd.conf
index 8b0d3f7..d8fefa9 100644
--- a/auditd/files/auditd.conf
+++ b/auditd/files/auditd.conf
@@ -98,4 +98,4 @@
{%- if service.krb5_principal is defined %}
krb5_principal = {{ service.krb5_principal }}
-{%- endif %}
+{%- endif %}
\ No newline at end of file
diff --git a/auditd/files/auditd.rules.conf b/auditd/files/auditd.rules.conf
index 031b268..b244272 100644
--- a/auditd/files/auditd.rules.conf
+++ b/auditd/files/auditd.rules.conf
@@ -9,29 +9,35 @@
# Rules (might be empty)
{%- for _, ruleblock in rules.get('rules', {})|dictsort %}
-{%- if ruleblock.get('enabled', false) %}
-{%- set rules = ruleblock.get('rule_list', []) %}
-{%- set rulekey = ruleblock['key'] %}
-{%- if rulekey == 'privileged' -%}
-{# Generate suid/sgid binaries list dynamically.
-This behavior can not be changed but the list can be extended via the corresponding pillar. #}
-{%- set privileged_list = salt['auditd.find_privileged'](filter_fs=filter_fs,filter_paths=filter_paths) -%}
-{%- for bin in privileged_list -%}
-{%- set rule = '-a always,exit -F path='+ bin +' -F perm=x -F auid>='~ auid ~' -F auid!=4294967295' -%}
-{%- if rule not in rules %}
-{%- do rules.append(rule) %}
-{%- endif %}
-{%- endfor %}
-{%- endif %}
-{% if rules|length > 0 %}
+ {%- if ruleblock.get('enabled', false) %}
+ {%- set rules = ruleblock.get('rule_list', []) %}
+ {%- set rulekey = ruleblock['key'] %}
+ {%- if rulekey == 'privileged' -%}
+ {# Generate suid/sgid binaries list dynamically.
+ This behavior can not be changed but the list can be
+ extended via the corresponding pillar.
+ #}
+ {%- set privileged_list = salt['auditd.find_privileged'](filter_fs=filter_fs,filter_paths=filter_paths) -%}
+ {%- for bin in privileged_list -%}
+ {%- set rule = '-a always,exit -F path='+ bin +' -F perm=x -F auid>='~ auid ~' -F auid!=4294967295' -%}
+ {%- if rule not in rules %}
+ {%- do rules.append(rule) %}
+ {%- endif %}
+ {%- endfor %}
+ {%- endif %}
+ {% if rules|length > 0 %}
# "{{ rulekey }}" section
-{%- for rule in rules %}
+ {%- for rule in rules %}
{{ rule }} -k {{ rulekey }}
-{%- endfor %}
-{%- endif %}
-{%- endif %}
+ {%- endfor %}
+ {%- endif %}
+ {%- endif %}
{%- endfor %}
# Enabled
{%- set enabled = rules.get('options', {}).get('enabled', 0) %}
-e {{ enabled }}
+
+{#
+# vim: ft=jinja
+#}
\ No newline at end of file