From 03085a454e9669a413d45f87cdd88865e6df6b74 Mon Sep 17 00:00:00 2001
From: Ben Roberts <ben.roberts@gsacapital.com>
Date: Mon, 21 Dec 2015 10:36:05 +0000
Subject: [PATCH] Stop managing etc/auth dir contents

The current release installs a directory full of expired certificates into
etc/auth. This breaks the kvstore on the search/indexer machines, because
mongodb won't start with an expired cert.
Additionally, splunk seems to regenerate at least some of these certificates
when strting up, leading puppet to fight splunk over the contents and
frequent service restarts.

I can't see a good reason for this module to be managing the contents of the
certificate files; a job best left to the profile or glue module that uses
this splunk module, therefore I've removed it entirely.
---
 manifests/install.pp | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/manifests/install.pp b/manifests/install.pp
index f08c00a..9ee52c0 100644
--- a/manifests/install.pp
+++ b/manifests/install.pp
@@ -58,16 +58,5 @@
     group   => 'root',
     backup  => true,
     content => template('splunk/opt/splunk/etc/passwd.erb'),
-  } ->
-
-  # recursively copy the contents of the auth dir
-  # This is causing a restart on the second run. - TODO
-  file { "${splunkhome}/etc/auth":
-      mode    => '0600',
-      owner   => 'splunk',
-      group   => 'splunk',
-      recurse => true,
-      purge   => false,
-      source  => 'puppet:///modules/splunk/noarch/opt/splunk/etc/auth',
   }
 }