Initial Changes and working install

This commit is contained in:
JD
2023-04-12 02:49:19 +01:00
parent b44e6ede5a
commit 22b2410152
4 changed files with 31 additions and 12 deletions

View File

@@ -4,8 +4,8 @@ class apache_couchdb::configure {
$user = $secgen_parameters['leaked_username'][0]
$password = $secgen_parameters['leaked_password'][0]
$jsondb = 'sampledata' ##TODO secgen
$strings_to_leak = $secgen_parameters['strings_to_leak'][0]
$leaked_filenames = $secgen_parameters['leaked_filenames'][0]
$strings_to_leak = $secgen_parameters['strings_to_leak']
$leaked_filenames = $secgen_parameters['leaked_filenames']
$user_home = "/home/${user}"
Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }

View File

@@ -11,9 +11,10 @@ class apache_couchdb::couchdb {
Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
#create user
#create system user
user { $username :
ensure => present,
shell => '/bin/bash',
user { $username:
ensure => present,
shell => '/bin/bash',
password => pw_hash($password, 'SHA-512', 'mysalt'),
}
#set folder permissions
-> exec { 'chown-couchdb':
@@ -24,11 +25,10 @@ class apache_couchdb::couchdb {
command => "chmod -R 770 ${docroot}",
logoutput => true
}
#configuration file
-> file { "${docroot}/etc/local.ini" :
ensure => file,
content => template('apache_couchdb/local.ini.erb'),
ensure => file,
content => template('apache_couchdb/local.ini.erb'),
}
# add vm.args files
-> file { "${docroot}/etc/vm.args":
@@ -43,11 +43,13 @@ class apache_couchdb::couchdb {
logoutput => true,
notify => Exec['wait-apache-couchdb'],
}
exec { 'wait-apache-couchdb':
command => 'sleep 4',
logoutput => true,
notify => Exec['chown-uri-file'],
}
exec { 'chown-uri-file':
command => "chown -R ${username}:${username} /var/run/couchdb/",
logoutput => true,
@@ -57,3 +59,4 @@ class apache_couchdb::couchdb {
logoutput => true,
}
}

View File

@@ -21,12 +21,12 @@ class apache_couchdb::install {
source => "puppet:///modules/apache_couchdb/${packagename}.deb",
}
-> file { "/usr/bin/${responsefile}" :
ensure => file,
content => template("apache_couchdb/${responsefile}.erb"),
ensure => file,
content => template("apache_couchdb/${responsefile}.erb"),
}
-> file { "/usr/bin/${jsondb}.json" :
ensure => file,
content => template("apache_couchdb/${jsondb}.erb"),
ensure => file,
content => template("apache_couchdb/${jsondb}.erb"),
}
#install couch db from deb file
-> package {'couchdb-install':

View File

@@ -0,0 +1,16 @@
<?xml version="1.0"?>
<scenario xmlns="http://www.github/cliffe/SecGen/scenario"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
<system>
<system_name>couchdb</system_name>
<base distro="Debian 10" type="desktop" name="KDE" />
<vulnerability module_path=".*/apache_couchdb" />
<network type="private_network" range="dhcp" />
</system>
</scenario>