incron

partner
A SIMP Puppet module for managing incron

SIMP

simp

10,233 downloads

765 latest version

5.0 quality score

Version information

  • 0.5.0 (latest)
  • 0.4.1
  • 0.4.0
  • 0.3.1
  • 0.3.0
  • 0.2.0
  • 0.1.0
  • 0.0.3
  • 0.0.2
  • 0.0.1
released Nov 30th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x
  • Puppet >= 5.0.0 < 7.0.0
  • CentOS
    ,
    RedHat
    ,
    OracleLinux

Start using this module

Tags: simp

Documentation

simp/incron — version 0.5.0 Nov 30th 2020

License CII Best Practices Puppet Forge Puppet Forge Downloads Build Status

Table of Contents

  1. Description
  2. Setup - The basics of getting started with incron
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

This module manages the incron packages, service, and /etc/incron.allow.

WARNING:

There were issues in early versions of incron 0.5.12. Please ensure that you are using at least version 0.5.12-10 or later on EL 7+.

This is a SIMP module

This module is a component of the System Integrity Management Platform, a compliance-management framework built on Puppet.

It is designed to be used within a larger SIMP ecosystem, but it can be used independently:

  • When included within the SIMP ecosystem, security compliance settings will be managed from the Puppet server.
  • If used as an independent module, all SIMP-managed security subsystems are disabled by default and must be explicitly opted into by administrators. Please review the parameters in [simp/simp_options][simp_simp_options] for details.

If you run into problems, please let us know by filing an issue at https://simp-project.atlassian.net/.

Setup

What incron affects

  • incron package
  • incrond service
  • /etc/incron.deny
  • /etc/incron.allow

Usage

To use this module, just call the class. This example adds it to a class list in hiera:

---
classes:
  - incron

Users can also be added to /etc/incron.allow with the incron::user defined type, or the incron::users array in hiera. The following example adds a few users to /etc/incron.allow:

incron::users:
  - foo
  - bar

New system table entries can be added to /etc/incron.d/ directory with the incron::system_table defined type, or with the incron::system_table hash in hiera. The following example adds two new system table entries to /etc/incron.d/ directory:

incron::system_table:
  allowrw:
    path: '/data/'
    command: '/usr/bin/chmod -R 774 $@/$#'
    mask: ['IN_CREATE']
  deletelog:
    path: '/var/run/daemon'
    command: '/usr/bin/rm /var/log/daemon.log'
    mask: ['IN_DELETE']

Reference

Please refer to the inline documentation within each source file, or to the module's generated YARD documentation for reference material.

Limitations

SIMP Puppet modules are generally intended for use on Red Hat Enterprise Linux and compatible distributions, such as CentOS. Please see the metadata.json file for the most up-to-date list of supported operating systems, Puppet versions, and module dependencies.

Development

Please read our [Contribution Guide] (https://simp.readthedocs.io/en/stable/contributors_guide/index.html).

Acceptance tests

This module includes Beaker acceptance tests using the SIMP Beaker Helpers. By default the tests use Vagrant with VirtualBox as a back-end; Vagrant and VirtualBox must both be installed to run these tests without modification. To execute the tests run the following:

bundle install
bundle exec rake beaker:suites

Please refer to the SIMP Beaker Helpers documentation for more information.