我正在尝试更新一些在RHEL机器上禁用CAD的Puppet清单.
现在我正在使用systemd上的顶级方式:masking(即链接到/ dev / null)
$ctrlaltdel_process = '/usr/bin/logger -p security.info "Control-Alt-Delete pressed"' # Every version of RHEL has a different way of doing this! :) case $::operatingsystemmajrelease { '4','5': { augeas { 'disable-inittab-ctrlaltdel': context => '/files/etc/inittab',lens => 'inittab.lns',incl => '/etc/inittab',changes => "set *[action = 'ctrlaltdel']/process '${ctrlaltdelprocess}'",} } '6': { file { '/etc/init/control-alt-delete.conf': ensure => file,content => $ctrlaltdel_process,} } '7': { file { '/etc/systemd/system/ctrl-alt-del.target': ensure => 'link',target => '/dev/null',} } default: { fail("Module ${module_name} is not supported on this ${::operatingsystemmajrelease}") } }
正如您所看到的,在其他系统上,我实际上正在编写一个安全日志,说CAD已被按下,但我不会用systemd机器来获取它.
我喜欢在日志中实际拥有陷阱的想法,以便我们可以追踪人们是否正在这样做.
解决方法
# ctrl-alt-del.target [Unit] DefaultDependencies=no # Do not affect the system through dependencies Requires=ctrl-alt-del.service StopWhenUneeded=yes # ctrl-alt-del.service [Service] DefaultDependencies=no # Do not affect the system through dependencies Type=oneshot ExecStart=/usr/bin/logger -p security.info "Control-Alt-Delete pressed"
