Version 2.3.4 on supermarket fails to configure /etc/audit/auditd.conf on redhat systems #57

Open
@foobarbam

Description

Cookbook version

2.3.4

Chef-client version

13.6.4

Platform Details

centos 7.4.1708

Scenario:

The changes detailed at 84c30ce#diff-3145628960d821e12b5cc7c0cb6d1b39 didn't make it into version 2.3.4 released on supermarket at https://supermarket.chef.io/cookbooks/auditd, so berks caches version 2.3.4 of the cookbook from supermarket, which doesn't have this fix.

Steps to Reproduce:

  1. Create wrapper cookbook
  2. add default['auditd']['ruleset'] = 'cis' to attributes/default.rb
  3. add include_recipe 'auditd::conf' to recipes/default.rb
  4. Add depends 'auditd', '~> 2.3.4' to metadata.rb
  5. run berks install
  6. configure .kitchen.yml to have a centos 7 VM
  7. run kitchen converge centos-7

Expected Result:

/etc/audit/auditd.conf is updated when running the auditd::conf recipe on centos/redhat instead of /etc/audit/cis.auditd.

Actual Result:

Does not configure /etc/audit/auditd.conf, instead configuring /etc/audit/cis.auditd.

Snippet detailing the errant configuration file path

       Recipe: auditd::conf
         * auditd_conf_file[cis.auditd] action create
           * template[/etc/audit/cis.auditd] action create
             - create new file /etc/audit/cis.auditd
             - update content in file /etc/audit/cis.auditd from none to 64477b
             --- /etc/audit/cis.auditd	2019-02-06 20:40:55.410125292 +0000

Reviewing the berkshelf cache:

[[email protected]]$ cat ~/.berkshelf/cookbooks/auditd-2.3.4/resources/conf_file.rb 
#
# Cookbook:: auditd
# Resource:: auditd_conf_file
#
# Copyright:: 2018, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

property :cookbook, String

action :create do
  extend AuditD::Helper

  template auditd_conffile(new_resource.name) do
    source "#{new_resource.name}.conf.erb"
    cookbook new_resource.cookbook if new_resource.cookbook
    notifies :reload, 'service[auditd]'
  end
end
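
A check for the failure reported above, as an added example that is not part of the original issue or the auditd cookbook: it scans chef-client converge output for templates rendered under /etc/audit to a path auditd does not read by default, which is what leaves /etc/audit/auditd.conf unmanaged here. The allowlist assumes the stock RHEL/CentOS 7 layout (auditd.conf, audit.rules, rules.d/*.rules); the function names and the second sample log are constructed for illustration.

```ruby
# Added example: not code from the auditd cookbook or the issue author.
# Assumption: stock RHEL/CentOS 7 layout, where auditd reads only these
# paths under /etc/audit by default.
AUDITD_READS = [
  %r{\A/etc/audit/auditd\.conf\z},
  %r{\A/etc/audit/audit\.rules\z},
  %r{\A/etc/audit/rules\.d/[^/]+\.rules\z}
].freeze

# Converge output quoted in the issue (cookbook 2.3.4 from Supermarket).
CONVERGE_2_3_4 = <<~LOG
  Recipe: auditd::conf
    * auditd_conf_file[cis.auditd] action create
      * template[/etc/audit/cis.auditd] action create
        - create new file /etc/audit/cis.auditd
        - update content in file /etc/audit/cis.auditd from none to 64477b
LOG

# Constructed sample of the expected result: the template lands on auditd.conf.
CONVERGE_EXPECTED = <<~LOG
  Recipe: auditd::conf
    * template[/etc/audit/auditd.conf] action create
      - create new file /etc/audit/auditd.conf
LOG

# Paths of every template resource created during the run.
def rendered_templates(output)
  output.scan(/^\s*\*\s+template\[([^\]]+)\]\s+action\s+create/).flatten.uniq
end

# Templates written under /etc/audit to a path auditd will not load.
def misplaced_audit_files(output)
  rendered_templates(output)
    .select { |path| path.start_with?('/etc/audit/') }
    .reject { |path| AUDITD_READS.any? { |re| re.match?(path) } }
end

# True only when the run actually managed /etc/audit/auditd.conf.
def auditd_conf_managed?(output)
  rendered_templates(output).include?('/etc/audit/auditd.conf')
end

if __FILE__ == $PROGRAM_NAME
  { '2.3.4 (issue)' => CONVERGE_2_3_4, 'expected' => CONVERGE_EXPECTED }.each do |name, log|
    puts "#{name}: managed=#{auditd_conf_managed?(log)} misplaced=#{misplaced_audit_files(log)}"
  end
end
```

Feeding it the output of `kitchen converge` in CI turns a silently misplaced audit configuration into a failed build.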
