Re: [Puppet Users] Linux hardening
On Fri, Jul 1, 2011 at 3:48 PM, James Turnbull ja...@puppetlabs.com wrote: Nicolas Arias wrote: Hi guys!. I want to use puppet to automate initial linux hardening and to maintain a security configuration standard. Does any one knows if there are modules going around that take care of the usual hardening steps?. If not, i will work on them and share them. I started this modeled on the CIS Linux Security guidelines. https://github.com/jamtur01/**puppet-hardeninghttps://github.com/jamtur01/puppet-hardening It's not complete but covers a selection of the controls. You're welcome to fork/hack on it. Patches welcome etc. Regards This raises an interesting question. I had been doing something similar recently, and I had implemented the hardening within the specific puppet modules that they were related to. However, you've written a totally separate module. Which is better? Doug. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Linux hardening
Douglas Garstang wrote: This raises an interesting question. I had been doing something similar recently, and I had implemented the hardening within the specific puppet modules that they were related to. However, you've written a totally separate module. Which is better? I was specifically trying to provide an example of a module to apply a particular standard. I don't it makes much difference which approach you take. Although if you break the hardening into classes though you can make exceptions to which nodes they are applied. Regards James -- James Turnbull Puppet Labs 1-503-734-8571 Join us for PuppetConf http://www.bit.ly/puppetconfsig, September 22nd and 23rd in Portland, Oregon, USA. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Linux hardening
Nicolas Arias wrote: Hi guys!. I want to use puppet to automate initial linux hardening and to maintain a security configuration standard. Does any one knows if there are modules going around that take care of the usual hardening steps?. If not, i will work on them and share them. I started this modeled on the CIS Linux Security guidelines. https://github.com/jamtur01/puppet-hardening It's not complete but covers a selection of the controls. You're welcome to fork/hack on it. Patches welcome etc. Regards James -- James Turnbull Puppet Labs 1-503-734-8571 Join us for PuppetConf http://www.bit.ly/puppetconfsig, September 22nd and 23rd in Portland, Oregon, USA. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.