Re: Question about the 'remediation script' sections

Mon, 17 Feb 2020 17:32:13 -0800 

The modules are downloaded separately.

Fundamentally, it would be something like the following:


> # Command
> $ puppet module install voxpupuli-selinux
>
> # Hiera Data
> ---
> selinux::enable: true
>
> # Puppet Code
> include selinux
>
> Alternatively, something like:
>
> # Command
> $ puppet module install voxpupuli-selinux
>
> # Puppet Code
> class { 'selinux': enable => true }
>

What I'm trying to figure out is whether or not this type of thing is OK as
a remediation.

The first form is preferred due to complexities.

Thanks,

Trevor

On Mon, Feb 17, 2020 at 5:20 PM Shawn Wells <sh...@redhat.com> wrote:

>
> On 2/17/20 5:06 PM, Gabe Alford wrote:
> > Are they modules default in Puppet or are they custom or downloaded
> > separately? If they are default in a standard Puppet install, it
> > should be no problem as that is what we do with Ansible tasks.
>
>
> And if they're custom, there are always the jinja templates. For example:
>
>
>
> https://github.com/ComplianceAsCode/content/blob/master/shared/macros-ansible.jinja
>
>
> https://github.com/ComplianceAsCode/content/blob/master/shared/macros-bash.jinja
> _______________________________________________
> scap-security-guide mailing list --
> scap-security-guide@lists.fedorahosted.org
> To unsubscribe send an email to
> scap-security-guide-le...@lists.fedorahosted.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
>


-- 
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 x788

-- This account not approved for unencrypted proprietary information --

_______________________________________________
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org

Reply via email to