OK. I have looked thru the module and I have some comments and feedback.
I am delightfully impressed with what you have here.
I am a bit disappointed with the sterile naming convention by CIS Benchmark
document paragraph numbers. I think it makes it tougher to maintain, but that
is just my opinion.
I love how you made the collection of custom facts to evaluate the “hardness”
of the system.
I have a suggestion to reduce the amount of code needed to implement this:
Your method uses 3 pieces:
A shell script,
a ruby fact wrapper that calls the script,
and a manifest that checks the value of the custom fact.
If you use External Facts, your scripts go into /etc/facter/facts.d
and are called directly without the extra Ruby wrapper !
On May 7, 2013, at 12:34 PM, Arild Jensen wrote:
> Overview
> ========
>
> This module implements the Center for Internet Security (CIS) Security
> Configuration Benchmark for Red Hat Enterprise Linux 6 v.1.1.0 (avilable at
> http://benchmarks.cisecurity.org). Each scored control has been implemented
> as a class or a custom fact.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
