From 913c5f0999859b44641844cbebae872692390667 Mon Sep 17 00:00:00 2001
From: Lars Kellogg-Stedman <lars@redhat.com>
Date: Fri, 30 May 2014 13:22:52 -0400
Subject: [PATCH 1/2] ensure that /etc/sysconfig/iptables exists

The iptables service will not start if /etc/sysconfig/iptables is
missing.  Attempting to start the service without this file will result
in:

ERROR : Error appeared during Puppet run: 172.16.0.14_prescript.pp
Error: Could not start Service[iptables]: Execution of '/sbin/service
iptables start' returned 6:

This patch ensures the file exists before starting the iptables service.
---
 manifests/linux/redhat.pp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
index f697d21..9226ac4 100644
--- a/manifests/linux/redhat.pp
+++ b/manifests/linux/redhat.pp
@@ -36,5 +36,13 @@
     ensure    => $ensure,
     enable    => $enable,
     hasstatus => true,
+    require   => File['/etc/sysconfig/iptables'],
+  }
+
+  file { '/etc/sysconfig/iptables':
+    ensure => present,
+    owner  => root,
+    group  => root,
+    mode   => 0600,
   }
 }
-- 
1.9.3