瀏覽代碼

Support for haveged

tags/2016.12
Filip Pytloun 8 年之前
父節點
當前提交
8296bb9c02
共有 4 個檔案被更改,包括 37 行新增1 行删除
  1. +14
    -1
      README.rst
  2. +18
    -0
      linux/system/haveged.sls
  3. +3
    -0
      linux/system/init.sls
  4. +2
    -0
      tests/pillar/system.sls

+ 14
- 1
README.rst 查看文件

@@ -294,7 +294,7 @@ day. Setting custom motd will cleanup existing ones.
printf "Unauthorized access strictly prohibited.\n"

RHEL / CentOS
~~~~~~~~~~~~~
^^^^^^^^^^^^^

Unfortunately ``update-motd`` is currently not available for RHEL so there's
no native support for dynamic motd.
@@ -308,6 +308,19 @@ You can still set static one, only pillar structure differs:
This is [company name] network.
Unauthorized access strictly prohibited.

Haveged
~~~~~~~

If you are running headless server and are low on entropy, it may be a good
idea to setup Haveged.

.. code-block:: yaml

linux:
system:
haveged:
enabled: true

Linux network
-------------


+ 18
- 0
linux/system/haveged.sls 查看文件

@@ -0,0 +1,18 @@
{%- from "linux/map.jinja" import system with context %}

{%- if system.haveged.enabled %}

haveged_pkgs:
pkg.installed:
- name: haveged
- watch_in:
- service: haveged_service

haveged_service:
service.running:
- name: haveged
- enable: true
- require:
- pkg: haveged_packages

{%- endif %}

+ 3
- 0
linux/system/init.sls 查看文件

@@ -54,3 +54,6 @@ include:
{%- if system.get('policyrcd', [])|length > 0 %}
- linux.system.policyrcd
{%- endif %}
{%- if system.haveged is defined %}
- linux.system.haveged
{%- endif %}

+ 2
- 0
tests/pillar/system.sls 查看文件

@@ -8,6 +8,8 @@ linux:
environment: prd
apparmor:
enabled: false
haveged:
enabled: true
console:
tty0:
autologin: root

Loading…
取消
儲存