-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix permissions on /etc/gshadow, based on CIS DIL Benchmark 6.1.5. #133
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As the file /etc/gshadow
is not present in every distribution (especially on my SUSE systems), please change/create this file only on the appropriate platforms.
Is this an acceptable solution? I've defaulted to it not being available. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you squash your commits into a single one?
manifests/minimize_access.pp
Outdated
@@ -22,12 +22,15 @@ | |||
case $::operatingsystem { | |||
redhat, fedora: { | |||
$nologin_path = '/sbin/nologin' | |||
$shadow_path = '/etc/shadow' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On RedHat / CentOS there's also a /etc/gshadow
, please include this here
Sure, I'll squash them. Just fyi, you should also have the option to squash the commits when merging them into master. |
Sorry, it took a WIP file along, fixing now. |
HardeningFramework-DCO-1.1-Signed-off-by: Tim Stoop <github@timstoop.nl> (github: timstoop)
@timstoop Thanks for your contribution, merged! |
Fixes #132