我试图更新一些在RHEL机器上禁用CAD的Puppet清单。
现在我正在做systemd:masking(即链接到/ dev / null)
$ctrlaltdel_process = '/usr/bin/logger -p security.info "Control-Alt-Delete pressed"' # Every version of RHEL has a different way of doing this! :) case $::operatingsystemmajrelease { '4','5': { augeas { 'disable-inittab-ctrlaltdel': context => '/files/etc/inittab', lens => 'inittab.lns', incl => '/etc/inittab', changes => "set *[action = 'ctrlaltdel']/process '${ctrlaltdelprocess}'", } } '6': { file { '/etc/init/control-alt-delete.conf': ensure => file, content => $ctrlaltdel_process, } } '7': { file { '/etc/systemd/system/ctrl-alt-del.target': ensure => 'link', target => '/dev/null', } } default: { fail("Module ${module_name} is not supported on this ${::operatingsystemmajrelease}") } } 正如你所看到的,在其他系统上,我实际上正在写一个安全日志,说CAD被按下了,但是我不会在systemd机器上得到这个。
我喜欢在日志中实际存在陷阱的想法,所以我们可以追踪是否有人这样做。
有人可以给我一个例子systemdconfiguration文件为ctrl + alt +删除,会做同样的事情?
# ctrl-alt-del.target [Unit] DefaultDependencies=no # Do not affect the system through dependencies Requires=ctrl-alt-del.service StopWhenUneeded=yes # ctrl-alt-del.service [Service] DefaultDependencies=no # Do not affect the system through dependencies Type=oneshot ExecStart=/usr/bin/logger -p security.info "Control-Alt-Delete pressed"