Forge Home

incron

A SIMP Puppet module for managing incron

14,164 downloads

110 latest version

4.7 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.10.0 (latest)
  • 0.9.0
  • 0.7.0
  • 0.6.2
  • 0.6.1
  • 0.6.0
  • 0.5.1
  • 0.5.0
  • 0.4.1
  • 0.4.0
  • 0.3.1
  • 0.3.0
  • 0.2.0
  • 0.1.0
  • 0.0.3
  • 0.0.2
  • 0.0.1
released May 20th 2024
This version is compatible with:
  • Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
  • Puppet >= 7.0.0 < 9.0.0
  • , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'simp-incron', '0.10.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add simp-incron
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install simp-incron --version 0.10.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: simp

Documentation

simp/incron — version 0.10.0 May 20th 2024

License CII Best Practices Puppet Forge Puppet Forge Downloads Build Status

Table of Contents

  1. Description
  2. Setup - The basics of getting started with incron
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

This module manages the incron packages, service, and /etc/incron.allow.

WARNING:

There were issues in early versions of incron 0.5.12. Please ensure that you are using at least version 0.5.12-10 or later on EL 7+.

This is a SIMP module

This module is a component of the System Integrity Management Platform, a compliance-management framework built on Puppet.

It is designed to be used within a larger SIMP ecosystem, but it can be used independently:

  • When included within the SIMP ecosystem, security compliance settings will be managed from the Puppet server.
  • If used as an independent module, all SIMP-managed security subsystems are disabled by default and must be explicitly opted into by administrators. Please review the parameters in [simp/simp_options][simp_simp_options] for details.

If you run into problems, please let us know by filing an issue at https://simp-project.atlassian.net/.

Setup

What incron affects

  • incron package
  • incrond service
  • /etc/incron.deny
  • /etc/incron.allow

Usage

To use this module, just call the class. This example adds it to a class list in hiera:

---
classes:
  - incron

Users can also be added to /etc/incron.allow with the incron::user defined type, or the incron::users array in hiera. The following example adds a few users to /etc/incron.allow:

incron::users:
  - foo
  - bar

New system table entries can be added to /etc/incron.d/ directory with the incron::system_table defined type, or with the incron::system_table hash in hiera. The following example adds two new system table entries to /etc/incron.d/ directory and removes unmanaged files:

incron::purge: true
incron::system_table:
  allowrw:
    path: '/data/'
    command: '/usr/bin/chmod -R 774 $@/$#'
    mask: ['IN_CREATE']
  deletelog:
    path: '/var/run/daemon'
    command: '/usr/bin/rm /var/log/daemon.log'
    mask: ['IN_DELETE']

Reference

Please refer to the inline documentation within each source file, or to the module's generated YARD documentation for reference material.

Limitations

SIMP Puppet modules are generally intended for use on Red Hat Enterprise Linux and compatible distributions, such as CentOS. Please see the metadata.json file for the most up-to-date list of supported operating systems, Puppet versions, and module dependencies.

Development

Please read our [Contribution Guide] (https://simp.readthedocs.io/en/stable/contributors_guide/index.html).

Acceptance tests

This module includes Beaker acceptance tests using the SIMP Beaker Helpers. By default the tests use Vagrant with VirtualBox as a back-end; Vagrant and VirtualBox must both be installed to run these tests without modification. To execute the tests run the following:

bundle install
bundle exec rake beaker:suites

Please refer to the SIMP Beaker Helpers documentation for more information.