Skip to content
Snippets Groups Projects
Commit ca994084 authored by Nathan Ward's avatar Nathan Ward
Browse files

Add functionality to configure and run radsniff. 

This works on redhat family systems only.
Add camptocamp/systemd to manage systemd unit file.
parent 8225c28e
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
README.md
+ 16
0
View file @ ca994084
......@@ -193,6 +193,22 @@ Whether the control socket should be read-only or read-write. Choose from `ro`,
}
```
#### `freeradius::radsniff`
The `freeradius::radsniff` class configures and runs the [RADSNIFF](https://freeradius.org/radiusd/man/radsniff.html) service.
It requires freeradius-utils to be installed, so will fail if `utils_support` is not enabled on the `freeradius` class.
Note: This is only supported on RedHat like systems at present.
##### `options`
Command line options to be passed to radsniff. Quotes are escaped
```puppet
# Enable radsniff, with a filter, sending data to collectd (requires freeradius to be compiled for this)
class { 'freeradius::radsniff':
options => '-m -p1812,1813 -O unix:/var/run/collectd.sock -N freeradius -W 10 -i eth0 -f "src not 192.0.2.1"',
}
```
### Resources
#### `freeradius::attr`
......
files/radsniff.service 0 → 100644
+ 13
0
View file @ ca994084
[Unit]
Description=Capture RADIUS statistics
After=syslog.target network.target
After=radiusd.target
[Service]
Type=forking
PIDFile=/var/run/radiusd/radsniff.pid
EnvironmentFile=/etc/sysconfig/radsniff
ExecStart=/usr/bin/radsniff -P /var/run/radiusd/radsniff.pid -d /etc/raddb $RADSNIFF_OPTIONS
[Install]
WantedBy=multi-user.target
manifests/radsniff.pp 0 → 100644
+ 35
0
View file @ ca994084
# @summary configure and run radsniff
#
# @param options commandline options passed to radsniff when it runs
class freeradius::radsniff (
String $options = '',
) {
unless $::freeradius::utils_support {
fail('freeradius::radsniff requires freeradius have utils_support enabled')
}
unless $facts['os']['family'] == 'RedHat' {
fail('freeradius::radsniff only supports RedHat like OSes at the moment')
}
$escaped_cmd = $options.regsubst('"','\\\\"','G')
file {'/etc/sysconfig/radsniff':
content => @("SYSCONFIG"),
RADSNIFF_OPTIONS="${escaped_cmd}"
| SYSCONFIG
owner => 'root',
group => 'root',
mode => '0644',
require => Package['freeradius-utils'],
}
~> service { 'radsniff':
ensure => running,
enable => true,
}
systemd::unit_file {'radsniff.service':
source => 'puppet:///modules/freeradius/radsniff.service',
notify => Service['radsniff'],
}
}
metadata.json
+ 4
0
View file @ ca994084
......@@ -27,6 +27,10 @@
{
"name": "puppetlabs/concat",
"version_requirement": ">=1.0.0 <7.0.0"
},
{
"name": "camptocamp/systemd",
"version_requirement": ">=2.0.0 <3.0.0"
}
],
"operatingsystem_support": [
......
spec/classes/radsniff.rb 0 → 100644
+ 43
0
View file @ ca994084
require 'spec_helper'
describe 'freeradius::radsniff' do
on_supported_os.each do |os, os_facts|
context "on #{os}" do
include_context 'freeradius_with_utils'
let(:facts) { os_facts }
let(:params) do
{
options: 'radsniff cmd "line" options',
}
end
case os_facts[:osfamily]
when 'RedHat'
it do
is_expected.to contain_file('/etc/sysconfig/radsniff')
.with_content(%r{RADSNIFF_OPTIONS="radsniff cmd \\"line\\" options"})
.that_notifies('Service[radsniff]')
.that_requires('Package[freeradius-utils]')
end
it do
is_expected.to contain_service('radsniff')
.with_ensure('running')
.with_enable(true)
end
it do
is_expected.to contain_systemd__unit_file('radsniff.service')
.with_source('puppet:///modules/freeradius/radsniff.service')
.that_notifies('Service[radsniff]')
end
else
it do
is_expected.to compile.and_raise_error(%r{radsniff only supports RedHat})
end
end
end
end
end
spec/spec_helper_local.rb
+ 12
0
View file @ ca994084
......@@ -53,6 +53,18 @@ shared_context 'freeradius_default' do
end
end
# Same as above but enable utils
shared_context 'freeradius_with_utils' do
let(:pre_condition) do
[
redhat_params_class,
'class { freeradius:
utils_support => true,
}',
]
end
end
# Some common dependencies for things based on names for redhat systems
shared_context 'redhat_common_dependencies' do
let(:pre_condition) do
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment