Closed landrypm closed 10 months ago
I include this in version v0.9.2 but in a slightlt different way.
Thanks
-- Patrick Landry
From: Thomas Krieger @.> Sent: Sunday, January 28, 2024 2:35:28 PM To: tom-krieger/cis_security_hardening @.> Cc: Patrick M Landry @.>; Author @.> Subject: Re: [tom-krieger/cis_security_hardening] umask_setting.pp makes pam changes even if authselect::enforce is set to false (Issue #76)
CAUTION: This email originated from outside of UL Lafayette. Do not click links or open attachments unless you recognize the sender and know the content is safe.
I include this in version v0.9.2 but in a slightlt different way.
— Reply to this email directly, view it on GitHubhttps://github.com/tom-krieger/cis_security_hardening/issues/76#issuecomment-1913714559, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHRT4WAZXEQUY36YXO2TFX3YQ2ZBBAVCNFSM6AAAAABCLDEPTWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMJTG4YTINJVHE. You are receiving this because you authored the thread.Message ID: @.***>
While I am using cis_security_hardening for most tasks I do still rely on other puppet modules for other tasks. On my system I use a separate module to manage authselect configuration. I have
in my params file but umask_setting.pp still attempts to make changes to pam.d files.
I solved the issue by enclosing the
loop in umask_setting.pp within a if clause: