search

dev-sec / puppet-os-hardening

This puppet module provides numerous security-related configurations, providing all-round base protection.
http://dev-sec.io/
Apache License 2.0
279 stars 101 forks source link

Backwards incompatible breaking change in PR279 #284

Closed earthgecko closed 3 years ago

earthgecko commented 3 years ago

Hi @mcgege

Sorry to inform you but that change that I added in #279 in not backwards compatible in terms of the puppet-agent version. Any users that include os_hardening as an external module with r10k, etc that are running puppet-agent <= 6.22.0 will experience an error on a catalog compilation because puppet only introduced max_files in 6.23.0

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: no parameter named 'max_files' (file: /etc/puppetlabs/code/external_modules/production/modules/os_hardening/manifests/minimize_access.pp, line: 61) on File[/usr/local/games] (file: /etc/puppetlabs/code/external_modules/production/modules/os_hardening/manifests/minimize_access.pp, line: 61) on node example.org

Pull request incoming.

earthgecko commented 3 years ago

@mcgege hold off, I will update PR to handle puppet 6 and puppet 7 as max_files was only introduced in 7.7.0

earthgecko commented 3 years ago

@mcgege will handle both puppet 6 and 7. Just be aware that the case selector testing the aio_agent_version is defaulting to true, based on the assumption that puppet 8.0.0 will have max_files from day 1.

Sorry for the inconvenience, I am glad puppet 5 was removed and glad I caught this before it possibly affects too many people.

mcgege commented 3 years ago

@earthgecko Thanks a lot for spotting this ... if you have a current Puppet version it is all fine ... will merge this asap

mcgege commented 3 years ago

Fixed with #285