- Description
- Setup - The basics of getting started with saferm
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
This puppet module installs and configure safe-rm, a tool to prevent accidental deletion of important files and directories.
If you want to know more about the safe-rm tool, take a look at the official page here.
/etc/safe-rm.conf
/usr/bin/safe-rm
Optionally:
/etc/profile.d/safe-rm.sh
~/.safe-rm
This module needs tar and wget to work properly.
To install safe-rm on your system, include the saferm
class: include saferm
.
The saferm module install and configure safe-rm on your system. By default, the module install version 0.12 and shields the following directories:
- /
- /bin
- /boot
- /dev
- /etc
- /home
- /initrd
- /lib
- /proc
- /root
- /sbin
- /sys
- /usr
- /usr/bin
- /usr/include
- /usr/lib
- /usr/local
- /usr/local/bin
- /usr/local/include
- /usr/local/sbin
- /usr/local/share
- /usr/sbin
- /usr/share
- /usr/src
- /var
To install a different version of safe-rm:
class {'saferm':
version => '0.11'
}
To set a different list of directories to be protected:
class {'saferm':
blacklist => ["/home","/home/user","/my_custom_dir"]'
}
The directories passed on the blacklist
variable of the saferm
class are system wide and will affect all users.
The defined type saferm::user_blacklist
allow you to specify a custom list of directories to be protected for each user.
saferm::user_blacklist {'/home/bob/':
blacklist => [
'/home/bob/documents',
'/home/bob/photos',
'/bob_protected_dir',
]
}
The class saferm::alias
creates an alias to the rm command pointing to safe-rm.
include saferm::alias
This will create a permanent the alias rm="/usr/bin/safe-rm"
at /etc/profile.d/safe-rm.sh
.
saferm
: Install and configure safe-rm.saferm::alias
: creates an alias to therm
command.
saferm::params
: Determines the installation method, the binary path and the package name for safe-rm.saferm::install
: install safe-rm according the installation method.saferm::config
: configures safe-rm.
saferm::user_blacklist
: Creates a safe-rm configuration file at the home of the user containing a custom set of directories to be protected for this user. The$title
of this define must be the user home.
The following parameters are avaliable in saferm
:
Specifies the safe-rm version to be installed.
Valid options: '0.12', '0.11', '0.10'.
Default: '0.12'
Specifies an array of directories to be protected system wide.
Default:
- /
- /bin
- /boot
- /dev
- /etc
- /home
- /initrd
- /lib
- /proc
- /root
- /sbin
- /sys
- /usr
- /usr/bin
- /usr/include
- /usr/lib
- /usr/local
- /usr/local/bin
- /usr/local/include
- /usr/local/sbin
- /usr/local/share
- /usr/sbin
- /usr/share
- /usr/src
- /var
The following parameters are avaliable in saferm::user_blacklist
:
Requird parameter that specifies an array of directories to be protected on the user environment. Default: there's no default value for this parameter.
This module cannot guarantee installation of safe-rm versions that aren't avaliable on platform repositories for Debian like systems.
This module is tested on the following OS:
- CentOS 5.x
- CentOS 6.x
- Centos 7.x
- Debian 6.x
- Debian 7.x
- Debian 8.x
Feel free to contribute for this module at the module's github repo.