Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #17055: Add systemd hardening config for slapd #2229

Merged
merged 1 commit into from Apr 8, 2020
Merged

Fixes #17055: Add systemd hardening config for slapd #2229

merged 1 commit into from Apr 8, 2020

Conversation

amousset
Copy link
Member

@amousset amousset commented Apr 6, 2020

@amousset amousset requested a review from peckpeck April 6, 2020 10:24
peckpeck
peckpeck reviewed Apr 8, 2020
View reviewed changes
rudder-webapp/SOURCES/Makefile
@@ -191,6 +191,7 @@ install: build initial-promises initial-ncf
install -m 644 rudder-sources/rudder/rudder-core/src/main/resources/ldap/rudder.schema $(DESTDIR)/opt/rudder/etc/openldap/schema/
install -m 644 rsyslog/rudder-slapd.conf $(DESTDIR)/etc/rsyslog.d/rudder-slapd.conf
install -m 644 rudder-slapd.service $(DESTDIR)/usr/lib/systemd/system/rudder-slapd.service
[ $$(systemctl --version | head -1 | cut -d' ' -f2) -gt 232 ] && sed -i '/\[Service\]/ r rudder-slapd-hardening' $(DESTDIR)/usr/lib/systemd/system/rudder-slapd.service || true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is rudder-slapd-hardening ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in my local repo

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does the systemctl command work within a chroot ?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hehe

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we already use this for the relayd package

@amousset
Copy link
Member Author

amousset commented Apr 8, 2020

PR updated with a new commit

@Normation-Quality-Assistant
Copy link
Contributor

This PR is not mergeable to upper versions.
Since it is "Ready for merge" you must merge it by yourself using the following command:
rudder-dev merge https://github.com/Normation/rudder-packages/pull/2229
-- Your faithful QA
Kant merge: "To be is to do."
(https://ci.normation.com/jenkins/job/merge-accepted-pr/22644/console)

@amousset
Copy link
Member Author

amousset commented Apr 8, 2020

OK, squash merging this PR

@amousset amousset force-pushed the arch_17055/add_systemd_hardening_config_for_slapd branch from 8ecde3f to c31d790 Compare April 8, 2020 07:32
@amousset amousset merged commit c31d790 into Normation:master Apr 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peckpeck peckpeck peckpeck approved these changes

Assignees
No one assigned
Labels
qa: Can't merge
Projects
None yet
Milestone
No milestone
3 participants
@amousset @Normation-Quality-Assistant @peckpeck