Define a complete security baseline and monitor the baseline's rules. The definition of the baseline should be done in Hiera. The purpose of the module is to give the ability to setup a complete security baseline which not necessarily have to stick to industry security guides like the CIS benchmarks.
Apache License 2.0
15
stars
10
forks
source link
Refactor grub_password.pp to create user.cfg in correct path on RedHat #43
The user.cfg was not being written to the EFI path on RedHat. Refactored class logic to do that and also better use of variables to compress code. Also note that on RedHat 7 the user config is mode 0600 however on RedHat 8 it is 0700.
Added EFI test param to unit tests - this could be done better but it works.
Uncertain if Debian and Suse have the same issue of requiring grub password written elsewhere in EFI environments before running grub2-mkconfig
The user.cfg was not being written to the EFI path on RedHat. Refactored class logic to do that and also better use of variables to compress code. Also note that on RedHat 7 the user config is mode 0600 however on RedHat 8 it is 0700.
Added EFI test param to unit tests - this could be done better but it works.
Uncertain if Debian and Suse have the same issue of requiring grub password written elsewhere in EFI environments before running
grub2-mkconfig