Removed class name from variable declaration (issue #36)

tom-krieger / cis_security_hardening

Define a complete security baseline and monitor the baseline's rules. The definition of the baseline should be done in Hiera. The purpose of the module is to give the ability to setup a complete security baseline which not necessarily have to stick to industry security guides like the CIS benchmarks.

Apache License 2.0

15 stars 10 forks source link

Removed class name from variable declaration (issue #36) #37

Closed parryb closed 1 year ago

parryb commented 1 year ago

Here is promised pull request to fix issue 36

parryb commented 1 year ago

Removing Cis_security_hardening::Nftables_address_families removes security. This type is to make sure that no malicious code can be inserted into the nftables command. I won't accept this pull request.

Hhhhmmmm, OK. I couldn't get the module to work with that class name in the variable definition. I've never seen or used class names in the variable definition before.

parryb commented 1 year ago

I don't suppose you could point me to the documentation about that usage? Because puppet.com doesn't seem to have anything.

parryb commented 1 year ago

Fixed the error we were seeing which was caused by old hiera data. Had a look at your type (nftables_address_families.pp) code I get what is going on, I just can't find any documentation on using it in class parameter definition.