Forge Home
Premium module

cem_linux

Compliance Enforcement Module for Linux

5,369 downloads

347 latest version

Version information

  • 1.9.1 (latest)
  • 1.9.0
  • 1.8.0
  • 1.7.1
  • 1.7.0
  • 1.6.3
  • 1.6.2
  • 1.6.1
  • 1.6.0
  • 1.5.2
  • 1.5.1
  • 1.5.0
  • 1.4.3
  • 1.4.2
  • 1.4.1
  • 1.4.0
  • 1.3.2
  • 1.3.1
  • 1.3.0
  • 1.2.0
  • 1.1.4
  • 1.1.3
  • 1.1.2
  • 1.1.1
  • 1.1.0
  • 1.0.0
released Feb 8th 2024
This version is compatible with:
  • Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x
  • Puppet >= 6.23.0 < 9.0.0
  • , , , ,
This module has been deprecated by its author since May 8th 2024.

The author has suggested puppetlabs-sce_linux as its replacement.

Tasks:
  • audit_authselect
  • audit_shadow_group
  • audit_boot
  • audit_check_ipv6
  • audit_client_dns
  • audit_duplicate_gid
  • audit_duplicate_group_names
  • and 49 more. See all tasks

Documentation

puppetlabs/cem_linux — version 1.9.1 Feb 8th 2024

What are tasks?

Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.

Tasks in this module release

audit_authselect

Audit authselect profile for RHEL8 and CentOS8

audit_boot

Audit if the system is configured to boot to the command line or to the graphical user interface.

audit_check_ipv6

Audit IPV6 for RHEL8

audit_client_dns

Audit DNS servers configured in /etc/resolv.conf

audit_duplicate_gid

Finds and returns duplicate GIDs in /etc/group

audit_duplicate_group_names

Finds and returns duplicate group names in /etc/group.

audit_duplicate_uid

Finds duplicate UIDs in /etc/passwd and returns the UID and all users that use it

audit_duplicate_user_names

Finds and returns duplicate user names in /etc/passwd.

audit_etc_shadow

Verify if /etc/shadow have empty password fields

audit_etcpasswd_groups

Finds groups that exist in /etc/passwd but do not exist in /etc/group

audit_firewalld_config

Returns the results of firewall-cmd --list-all

audit_for_emergency_accounts

Audit all accounts expiration dates for removal.

audit_kerberos_keytab_files

List all the keytab files on the system at /etc

audit_library_files

Audit library files permission, ownership, and group ownership

audit_mcafee_endpoint_security

Audit McAfee Endpoint Security for Linux

audit_no_execution_bit_flag

Audit for the no-execution bit flag on the system

audit_partition_crypto

Audit partition cryptography

audit_pkcs11_eventmgr

This task will report on whether the screen is locked or not when using smart card.

audit_pw_change_date

Returns the last password change date for all users

audit_selinux_user_roles

Returns the output of 'semanage user -l' on the target system

audit_sgid_executables

A short description of this task

audit_shadow_group

Finds and returns any users in the shadow group

audit_sshd_installation

Verify if sshd is installed

audit_sshd_status

Report sshd status

audit_sssd_certmap

Audit the existance of sssd certmap configuration

audit_sudo_authentication_timeout

Return the sudo authentication timeout in minutes

audit_sudo_nopasswd

Return instances of NOPASSWD: in sudo configuration files.

audit_sudo_re_authentication

Returns a list of any ungrouped sudo configuration entries that contain !authenticate.

audit_suid_executables

Returns a list of SUID executable files