From d7313a030831f6213eba6fa9c59d28db354623b2 Mon Sep 17 00:00:00 2001
From: Klas Arvidsson <klas.arvidsson@liu.se>
Date: Tue, 17 Dec 2019 00:44:38 +0100
Subject: [PATCH] addes aes_sw, included aes_sw and opendsa, updated sudoers

---
 files/sudoers_aes   |  5 +++++
 manifests/aes_sw.pp | 11 +++++++++++
 manifests/init.pp   |  4 ++++
 3 files changed, 20 insertions(+)
 create mode 100644 manifests/aes_sw.pp

diff --git a/files/sudoers_aes b/files/sudoers_aes
index fd26df8..ed7936c 100644
--- a/files/sudoers_aes
+++ b/files/sudoers_aes
@@ -1,2 +1,7 @@
 klaar36 ALL=(ALL) NOPASSWD: ALL
 filst04 ALL=(ALL) NOPASSWD: ALL
+
+User_Alias EXAM_ADMINS = torjo38, klaar36, vikol94, magni54, filst04
+Runas_Alias EXAM_USER = examadm
+
+EXAM_ADMINS ALL=(EXAM_USER) NOPASSWD:NOEXEC: ALL
diff --git a/manifests/aes_sw.pp b/manifests/aes_sw.pp
new file mode 100644
index 0000000..9071cb6
--- /dev/null
+++ b/manifests/aes_sw.pp
@@ -0,0 +1,11 @@
+class aes::aes_sw {
+
+  user { "examadm" :
+    ensure => present,
+    managehome => false,
+    membership => inclusive,
+    system => true,
+    shell => '/sbin/nologin',
+  }
+
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 2273e7a..058eb02 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,4 +1,6 @@
 class aes {
+  include aes::aes_sw
+  include aes::opendsa
   include aes::squid_filter
   include ::liurepo::centos_sclo_rh
 
@@ -55,11 +57,13 @@ class aes {
     service squid is tcp/3128
     service sclogin is tcp/23431
     service aesms is tcp/23816
+#    service opendsa is tcp/12000
 
     policy chain INPUT is
       accept service:squid from class:liu-nets
       accept service:sclogin from class:liu-nets
       accept service:aesms from class:liu-nets
+#      accept service:opendsa from class:liu-nets
     end policy
     |-EOF
   }
-- 
GitLab