Forge Home

Modules

Puppet

Resources

PuppetEcosystemPuppet CommunityUpdates

chsec

Change setting in AIX security files.
Project URLRSS FeedReport issues

9,838 downloads

6,742 latest version

4.3 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Support the Puppet Community by contributing to this module

You are welcome to contribute to this module by suggesting new features, currency updates, or fixes. Every contribution is valuable to help ensure that the module remains compatible with the latest Puppet versions and continues to meet community needs. Complete the following steps:

  1. Review the module’s contribution guidelines and any licenses. Ensure that your planned contribution aligns with the author’s standards and any legal requirements.
  2. Fork the repository on GitHub, make changes on a branch of your fork, and submit a pull request. The pull request must clearly document your proposed change.

For questions about updating the module, contact the module’s author.

Version information

  • 0.1.3 (latest)
  • 0.1.2
  • 0.1.1
released Apr 11th 2017
This version is compatible with:

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'bwilcox-chsec', '0.1.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add bwilcox-chsec
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install bwilcox-chsec --version 0.1.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

bwilcox/chsec — version 0.1.3 Apr 11th 2017

chsec

Table of Contents

  1. Description
  2. Setup - The basics of getting started with chsec
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

This is the chsec module.

It's purpose in life is to manage attribute files in a specific format on AIX servers using the proper AIX commands:

  • lssec
  • chsec

The list of files that this module can edit is found in the aix manpage for chsec. An example of one of these files is /etc/security/user.

It probably has no bearing at all for any other OS out there.

This module is ensurable. It will check the given properties and change them as specified if they deviate from the expected value.

Setup

Setup Requirements

Add the module to your modules path and let pluginsync do the rest.

Beginning with chsec

chsec takes the following parameters:

  • attribute: This is the name of the attribute, ie. "minage" in /etc/security/user.
  • value: This is the value the attribute should be set to.
  • file: This is the file that the attribute lives in.
  • stanza: This is the stanza the value should be set for.

Usage

chsec { "default_minage": ensure => present, attribute => 'minage', value => '2', file => '/etc/security/user', stanza => 'default' }

This will check the 'minage' attribue of the 'default' stanza in the '/etc/security/user' file and if it is not present or not set to '2', change it to be '2'.

Because it is ensurable, setting ensure to 'absent' in this example would check for the presence of 'minage' in the 'default' stanza of '/etc/security/user' and remove it if found.

Reference

Public Type

  • chsec

Parameters

  • attribute: This is the thing to change, ie. "minage" in /etc/security/user.
  • value: This is the value the attribute should be set to.
  • file: This is the file that the attribute lives in.
  • stanza: This is the stanza the value should be set for.

Limitations

This was written for AIX. Other OS' have other ways to do the same thing, I wanted one that worked with AIX's standard commands for manipulating entries in security files. This should work for any file that the AIX 'chsec' command will work with.
See the AIX 'chsec' man page for a listing.

This version has been deployed on PE 2015.3.3. An internally produced version ran on 3.7, but was never released to the forge. This version hasn't been tested on the older Puppet releases.

Development

If you've got a better way to do things, please feel free to make merge requests.

Release Notes/Contributors/Etc.

I hope someone else out there finds this useful.