pupmod-simp-auditd | Puppet Ecosystem Directory

Bot releases are visible (Hide)

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.5.2

Published by simp-auto about 4 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.5.1

Published by simp-auto about 4 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.5.0

Published by simp-auto over 4 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.4.0

Published by simp-auto about 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.3.2

Published by simp-auto over 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.3.1

Published by simp-auto over 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.3.0

Published by simp-auto over 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.2.1

Published by simp-auto over 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.2.0

Published by simp-auto over 5 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.1.1

Published by simp-auto almost 6 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.1.0

Published by simp-auto almost 6 years ago

pupmod-simp-auditd - Release of 8.0.0

Published by lnemsick-simp over 6 years ago

Thu Jun 21 2018 Liz Nemsick [email protected] - 8.0.0-0
- Added ability to select one or more audit profiles. When multiple
  profiles are selected, their rules are effectively concatenated in
  the order in which the profiles are listed in
  auditd::default_audit_profiles.
- The following API Changes were made in support of multiple audit
  profiles:
  - $::auditd::$default_audit_profile has been deprecated by
    $::auditd::$default_audit_profiles
  - auditd::config and auditd::config::audit_profiles::simp classes are
    now private. In the unlikely event that you included just these
    classes in your manifest, you must now include auditd instead.
  - The following auditctl global configuration options that were in
    auditd::config::audit_profiles::simp are now in the auditd class,
    instead: $ignore_errors, $ignore_anonymous, $ignore_system_services,
    and $ignore_crond. They were moved because they are now applied to
    the set of audit profiles selected, not just the 'simp' audit
    profile.
  - The following auditd::config::audit_profiles::simp class parameters
    have been deprecated for clarity:
    - $audit_sudoers has been deprecated by $audit_cfg_sudoers
    - $audit_sudoers_tag has been deprecated by $audit_cfg_sudoers
    - $audit_grub has been deprecated by $audit_cfg_grub
    - $audit_grub_tag has been deprecated by $audit_cfg_grub_tag
    - $audit_yum has been deprecated by $audit_cfg_yum
    - $audit_yum_tag has been deprecated by $audit_cfg_yum_tag
  - Some previously hard-coded, internal configuration is now exposed
    as data-in-modules.
- Added 'stig' audit profile which manages rules that match DISA STIG
  checks, exactly.
  - For executables explicitly listed in the RHEL7 STIG, includes watchs
    for binaries in the real paths (/usr/bin, /usr/sbin) and linked paths
    (/bin, /sbin). This is to address inconsistencies among the STIG and
    the Inspec and OSCAP scans. (All should use the real paths, but don't.)
- Fixed bugs in 'simp' audit profile
  - Fixed umask syscall rules. These rules require arch filters.
  - Fixed clock_settime syscall rules. Per the sample STIG audit rules
    packaged in the auditd RPM, these rules require an 'a0' filter.
  - Fixed bug in which /var/log/tallylog was grouped with session
    instead of logins.
  - Fixed bug in which the /etc/pam.d watch rule had the wrong tag
- Updated 'simp' audit profile settings for DISA STIG.
  - Expanded the list of successful syscall operations audited.
  - Expanded the list of module syscall operations audited
  - Added an option to monitor selinux commands, (i.e., chcon,
    semanage, setfiles, setsebool)
  - Added an option to audit the execution of password commands
    ('passwd', 'unix_chkpwd', 'gpasswd', 'chage', 'userhelper')
  - Added an option to audit the execution of privilege-related
    commands ('su', 'sudo', 'newgrp', 'chsh', 'sudoedit')
  - Added an option to audit the execution of postfix-related commands
    ('postdrop', 'postqueue')
  - Added an option to audit the execution of the 'ssh-keysign' command
  - Added an option to audit the execution of the 'crontab' command
  - Added an option to audit the execution of the 'pam_timestamp_check'
    command
  - Added an option to audit the execution of rename/remove operations
    for non-service users (rename', 'renameat', rmdir', 'unlink', and
    'unlinkat')
  - Added watch rules for /etc/hostname and /etc/NetworkManager (for
    centos7) pulled from the sample STIG audit rules packaged in the
    auditd RPM.
  - For executables explicitly listed in the RHEL7 STIG, includes watchs
    for binaries in the real paths (/usr/bin, /usr/sbin) and linked paths
    (/bin, /sbin). This is to address inconsistencies among the STIG and
    the Inspec and OSCAP scans. (All should use the real paths, but don't.)

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/8.0.1

Published by simp-auto over 6 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.1.3

Published by simp-auto over 6 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.1.2

Published by simp-auto almost 7 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.1.1

Published by simp-auto about 7 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.1.0

Published by simp-auto about 7 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.0.2

Published by simp-auto over 7 years ago

pupmod-simp-auditd - https://github.com/simp/pupmod-simp-auditd/releases/tag/7.0.1

Published by op-ct over 7 years ago

pupmod-simp-auditd -

Published by op-ct almost 8 years ago

Package Rankings

Top 5.82% on Forge.puppet.com

Badges

Extracted from project README

Related Projects

marionette

Something like puppet, for the localhost only.

06 Apr 2020 86

puppet-retrospec

The only tool you need to generate puppet code, tests, modules, facts, types, providers, data and...

23 Sep 2013 137

puppetbolt-control_repo

PDK-managed Puppet-Bolt-driven masterless Puppet control repo skeleton with unit and acceptance t...

21 Jan 2023 4

puppet-r10k

Setup and configure r10k for use with git based environments in puppet

07 May 2013 98

puppet-nfs

Installs and configures NFS server and clients

16 Dec 2014 16

puppetlabs_spec_helper

A set of shared spec helpers specific to Puppetlabs projects

22 Dec 2011 118

puppet-check

A streamlined efficient comprehensive set of checks for your entire Puppet code and data

19 Apr 2016 59

cisco_ios

Cisco IOS Catalyst module

03 Jan 2018 14

puppet-powerdns

A Puppet module to install and configure the PowerDNS 4.x authorative server and recursor

30 Jul 2016 12

puppet-accounts

Simple hierachical management of Linux user accounts, groups and SSH keys

25 Jan 2014 34

pupmod-simp-pam

The SIMP pam Puppet Module

19 May 2015 2

pdk-templates

The main template repo for the Puppet Development Kit https://github.com/puppetlabs/pdk

06 Dec 2017 46

abide_dev_utils

Provides a CLI with helpful utilities for developing compliance Puppet code

16 Jan 2021 3

rspec-puppet-yaml

Enable writing rspec-puppet tests in YAML rather than Ruby

28 Aug 2017 3

puppet-stash

A puppet module to install atlassian stash

14 Feb 2014 19