On Sun, Nov 13, 2011 at 11:48 PM, Ohad Levy <[email protected]> wrote: > On Sun, Nov 13, 2011 at 4:00 AM, modversion <[email protected]> wrote: >> hi all,can I use puppet for security configuration check in centos ? >> 1.check the kernel version whether great than 2.8.18.237-1 or not. >> 2.check the glibc,systemtap and udev version whether great than secure >> version or not. >> 3.check the php.ini whether set safe_mode to on or not. >> 4.check the sshd_config whether set PermitRootLogin to no or not. >> >> If puppet can make it ,would you like to be kind enough to tell me >> which class I should use? or which keyword I should search for. > > You might want to have a look at http://www.open-scap.org, and in > particular the secstate tool, which is based on puppet. > > I never used it myself, and therefore I dont know whats its current > state, but it might fit to your needs.
You can also just make use of the audit functionality in Puppet. http://puppetlabs.com/blog/all-about-auditing-with-puppet/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
