diff options
| author | nfagerlund <nick.fagerlund@gmail.com> | 2011-02-03 13:42:46 -0800 |
|---|---|---|
| committer | nfagerlund <nick.fagerlund@gmail.com> | 2011-02-03 15:33:07 -0800 |
| commit | bddfa1e22d8db53a16f71759a2d9c690bfc00417 (patch) | |
| tree | 6059be7771ac1f9ec92e83a447268a609a3b4081 /lib/puppet | |
| parent | 0502c557cbe8dc0d039e05ff5940a9e3b7e5c150 (diff) | |
| download | puppet-bddfa1e22d8db53a16f71759a2d9c690bfc00417.tar.gz puppet-bddfa1e22d8db53a16f71759a2d9c690bfc00417.tar.xz puppet-bddfa1e22d8db53a16f71759a2d9c690bfc00417.zip | |
(6114) Update the audit metaparameter for 2.6.5.
The audit metaparameter has some new behavior, its old behavior has changed, and the previous description was incomplete at any rate. This patch replaces its description string.
Diffstat (limited to 'lib/puppet')
| -rw-r--r-- | lib/puppet/type.rb | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/lib/puppet/type.rb b/lib/puppet/type.rb index e03650b54..f70a3ec0b 100644 --- a/lib/puppet/type.rb +++ b/lib/puppet/type.rb @@ -957,12 +957,25 @@ class Type end newmetaparam(:audit) do - desc "Audit specified attributes of resources over time, and report if any have changed. - This attribute can be used to track changes to any resource over time, and can - provide an audit trail of every change that happens on any given machine. - - Note that you cannot both audit and manage an attribute - managing it guarantees - the value, and any changes already get logged." + desc "Marks a subset of this resource's unmanaged attributes for auditing. Accepts an + attribute name or a list of attribute names. + + Auditing a resource attribute has two effects: First, whenever a catalog + is applied with puppet apply or puppet agent, Puppet will check whether + that attribute of the resource has been modified, comparing its current + value to the previous run; any change will be logged alongside any actions + performed by Puppet while applying the catalog. + + Secondly, marking a resource attribute for auditing will include that + attribute in inspection reports generated by puppet inspect; see the + puppet inspect documentation for more details. + + Managed attributes for a resource can also be audited, but note that + changes made by Puppet will be logged as additional modifications. (I.e. + if a user manually edits a file whose contents are audited and managed, + puppet agent's next two runs will both log an audit notice: the first run + will log the user's edit and then revert the file to the desired state, + and the second run will log the edit made by Puppet.)" validate do |list| list = Array(list).collect {|p| p.to_sym} |