Fix space_left/admin_space_left as percentages

CHANGELOG

@@ -1,3 +1,6 @@
+* Tue Jul 16 2024 Steven Pritchard <[email protected]> - 8.14.3
+- Fix comparison of space_left and admin_space_left as percentages
+
 * Mon Jul 08 2024 Steven Pritchard <[email protected]> - 8.14.2
 - Remove calls to deprecated parameters (for Puppet 8 compatibility)
 

functions/validate_init_params.pp

@@ -7,19 +7,23 @@
 # @return [None]
 #
 function auditd::validate_init_params {
-  if (( '%' in $auditd::space_left ) or ( '%' in $auditd::admin_space_left ))
-  {
+  if (( '%' in $auditd::space_left ) or ( '%' in $auditd::admin_space_left )) {
     if $facts['auditd_version'] and ( versioncmp($facts['auditd_version'], '2.8.5') < 0 ) {
       fail('$space_left and $admin_space_left cannot contain "%" in auditd < 2.8.5')
     }
   }
 
   if $auditd::space_left.type('generalized') == $auditd::admin_space_left.type('generalized') {
-    if $auditd::admin_space_left > $auditd::space_left {
-      fail('Auditd requires $space_left to be greater than $admin_space_left, otherwise it will not start')
+    if $auditd::admin_space_left =~ String {
+      if Integer($auditd::admin_space_left.regsubst(/%$/, '')) > Integer($auditd::space_left.regsubst(/%$/, '')) {
+        fail('Auditd requires $space_left to be greater than $admin_space_left, otherwise it will not start')
+      }
+    } else {
+      if $auditd::admin_space_left > $auditd::space_left {
+        fail('Auditd requires $space_left to be greater than $admin_space_left, otherwise it will not start')
+      }
     }
-  }
-  else {
+  } else {
     debug('$auditd::space_left and $auditd::admin_space_left are not of the same data type, cannot compare for sanity')
   }
 }

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "simp-auditd",
-  "version": "8.14.2",
+  "version": "8.14.3",
   "author": "SIMP Team",
   "summary": "A SIMP puppet module for managing auditd and audispd",
   "license": "Apache-2.0",

spec/classes/init_spec.rb

@@ -85,13 +85,11 @@
         end
 
         context 'auditd 2.8.5' do
-          context 'with space_left as a percentage' do
-            let(:facts) do
-              base_facts.merge({
-                :auditd_version => '2.8.5'
-              })
-            end
+          let(:facts) do
+            base_facts.merge(auditd_version: '2.8.5')
+          end
 
+          context 'with space_left as a percentage' do
             let(:params) do
               {
                 :space_left => '20%'
@@ -102,12 +100,6 @@
           end
 
           context 'with admin_space_left as a percentage' do
-            let(:facts) do
-              base_facts.merge({
-                :auditd_version => '2.8.5'
-              })
-            end
-
             let(:params) do
               {
                 :admin_space_left => '20%'
@@ -117,6 +109,29 @@
             it { is_expected.to compile.with_all_deps }
             it { is_expected.to contain_class('auditd').with_space_left('21%') }
           end
+
+          context 'auditd with space_left < admin_space_left as percentages' do
+            let(:params) do
+              {
+                space_left: '5%',
+                admin_space_left: '25%',
+              }
+            end
+
+            it { is_expected.to compile.and_raise_error(%r{Auditd requires \$space_left to be greater than \$admin_space_left, otherwise it will not start}) }
+          end
+
+          context 'auditd with space_left > admin_space_left as percentages' do
+            let(:params) do
+              {
+                space_left: '25%',
+                admin_space_left: '5%',
+              }
+            end
+
+            it { is_expected.to compile.with_all_deps }
+            it { is_expected.to contain_class('auditd').with_space_left('25%').with_admin_space_left('5%') }
+          end
         end
 
         context 'auditd with auditing disabled' do