1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# Basic security measures
class nodo::subsystem::security {
# Ensure a modest permission for this place
# Frameworks like grsecurity might complain otherwise
file { '/usr/local/bin':
ensure => directory,
owner => "root",
group => "root",
mode => "0755",
}
package { [ 'debsecan', 'debian-security-support' ]:
ensure => $::lsbdistid ? {
'Ubuntu' => absent,
default => present,
},
}
file { '/etc/default/debsecan' :
ensure => $::lsbdistid ? {
'Ubuntu' => absent,
default => present,
},
owner => "root",
group => "root",
mode => "0644",
content => template("nodo/debsecan/default.erb"),
require => Package['debsecan'],
}
}
|
