refactor(yaml): move shared values to defaults.yaml

saltstack-formulas · May 13, 2019 · 034f5a0 · 034f5a0
1 parent 140007d
commit 034f5a0
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 29 deletions.
diff --git a/rkhunter/defaults.yaml b/rkhunter/defaults.yaml
@@ -1,4 +1,15 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 ---
-rkhunter: {}
+rkhunter:
+  package: rkhunter
+  default_file: /etc/sysconfig/rkhunter
+  config_file: /etc/rkhunter.conf
+  config:
+    auto_x_detect: 1
+    dbdir: /var/lib/rkhunter/db
+    enable_tests: ALL
+    installdir: /usr
+    logfile: /var/log/rkhunter.log
+    scriptdir: /usr/share/rkhunter/scripts
+    tmpdir: /var/lib/rkhunter/tmp
diff --git a/rkhunter/osfamilymap.yaml b/rkhunter/osfamilymap.yaml
@@ -2,9 +2,7 @@
 # vim: ft=yaml
 ---
 Debian:
-  package: rkhunter
   default_file: /etc/default/rkhunter
-  config_file: /etc/rkhunter.conf
   default:
     apt_autogen: true
     cron_daily_run: true
@@ -15,8 +13,6 @@ Debian:
   config:
     allow_ssh_prot_v1: 2
     allow_ssh_root_user: without-password
-    auto_x_detect: 1
-    dbdir: /var/lib/rkhunter/db
     disable_tests:
       - apps
       - deleted_files
@@ -25,23 +21,16 @@ Debian:
       - suspscan
     disable_unhide: 1
     enable_tests: all
-    installdir: /usr
-    logfile: /var/log/rkhunter.log
     mail-on-warning: root
-    scriptdir: /usr/share/rkhunter/scripts
     scriptwhitelist:
       - /bin/egrep
       - /bin/fgrep
       - /bin/which
       - /usr/bin/groups
       - /usr/bin/ldd
       - /usr/sbin/adduser
-    tmpdir: /var/lib/rkhunter/tmp
 
 RedHat:
-  package: rkhunter
-  default_file: /etc/sysconfig/rkhunter
-  config_file: /etc/rkhunter.conf
   default:
     diag_scan: 'no'
     mailto: root@localhost
@@ -108,32 +97,27 @@ RedHat:
     allow_ssh_prot_v1: 2
     allow_ssh_root_user: unset
     append_log: 1
-    auto_x_detect: 1
-    dbdir: /var/lib/rkhunter/db
     disable_tests:
       - apps
       - deleted_files
       - hidden_procs
       - ipc_shared_mem
       - packet_cap_apps
       - suspscan
-    enable_tests: ALL
     existwhitelist:
       - /bin/ad
       - /usr/bin/GET
       - /usr/bin/whatis
       - /var/log/pki-ca/system
       - /var/log/pki/pki-tomcat/ca/system
       - /var/log/pki/pki-tomcat/kra/system
-    installdir: /usr
     logfile: /var/log/rkhunter/rkhunter.log
     pkgmgr: RPM
     rtkt_file_whitelist:
       - /bin/ad
       - /var/log/pki-ca/system
       - /var/log/pki/pki-tomcat/ca/system
       - /var/log/pki/pki-tomcat/kra/system
-    scriptdir: /usr/share/rkhunter/scripts
     scriptwhitelist:
       - /sbin/ifdown
       - /sbin/ifup
@@ -144,9 +128,6 @@ RedHat:
     tmpdir: /var/lib/rkhunter
 
 Suse:
-  package: rkhunter
-  default_file: /etc/sysconfig/rkhunter
-  config_file: /etc/rkhunter.conf
   default:
     cron_db_update: 'no'
     logfile: /var/log/rkhunter.log
@@ -162,20 +143,14 @@ Suse:
       - /dev/.udev
       - /dev/.udev
       - /etc/.java
-    auto_x_detect: 1
-    dbdir: /var/lib/rkhunter/db
     disable_tests:
       - apps
       - deleted_files
       - hidden_ports
       - hidden_procs
       - packet_cap_apps
       - suspscan
-    enable_tests: ALL
-    installdir: /usr
-    logfile: /var/log/rkhunter.log
     os_version_file: /etc/os-release
     pkgmgr: RPM
     scriptdir: /usr/lib/rkhunter/scripts
-    tmpdir: /var/lib/rkhunter/tmp
     user_fileprop_files_dirs: /etc/rkhunter.conf
diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb
@@ -30,7 +30,7 @@ def check_debian
       its('content') { should include 'ENABLE_TESTS=all' }
       its('content') { should include 'TMPDIR=/var/lib/rkhunter/tmp' }
       its('content') { should include 'SCRIPTDIR=/usr/share/rkhunter/scripts' }
-      its('content') { should include "DISABLE_TESTS='suspscan hidden_procs deleted_files packet_cap_apps apps'" }
+      its('content') { should include "DISABLE_TESTS='apps deleted_files hidden_procs packet_cap_apps suspscan'" }
 
       # Custom config from pillar
       its('content') { should include 'ALLOW_SSH_ROOT_USER=yes' }
@@ -52,7 +52,7 @@ def check_redhat
       its('content') { should include 'ENABLE_TESTS=ALL' }
       its('content') { should include 'TMPDIR=/var/lib/rkhunter' }
       its('content') { should include 'SCRIPTDIR=/usr/share/rkhunter/scripts' }
-      its('content') { should include "DISABLE_TESTS='suspscan hidden_procs deleted_files packet_cap_apps apps ipc_shared_mem'" }
+      its('content') { should include "DISABLE_TESTS='apps deleted_files hidden_procs ipc_shared_mem packet_cap_apps suspscan'" }
     end
   end
 
@@ -77,7 +77,7 @@ def check_suse
       its('content') { should include 'ENABLE_TESTS=ALL' }
       its('content') { should include 'TMPDIR=/var/lib/rkhunter' }
       its('content') { should include 'SCRIPTDIR=/usr/lib/rkhunter/scripts' }
-      its('content') { should include "DISABLE_TESTS='suspscan hidden_ports hidden_procs deleted_files packet_cap_apps apps'" }
+      its('content') { should include "DISABLE_TESTS='apps deleted_files hidden_ports hidden_procs packet_cap_apps suspscan'" }
     end
   end