Permalink
Cannot retrieve contributors at this time
Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign up
Fetching contributors…
Cannot retrieve contributors at this time
| { | |
| "oocs-output": "console", | |
| "oocs-html-opts": { | |
| "baseUrl": "http://localhost:8000/", | |
| "publicDir": "/srv/www-oocs/html/server/public" | |
| }, | |
| "oocs-module": { | |
| "environment": { | |
| "enable": 1, | |
| "verbose": 1 | |
| }, | |
| "filesystem": { | |
| "enable": 1, | |
| "verbose": 1, | |
| "procfilesystem": "/proc", | |
| "sysfilesystem": "/sys", | |
| "required": [ | |
| { | |
| "mountpoint": "/dev/shm", | |
| "opts": "nodev,noexec,nosuid" | |
| }, | |
| { | |
| "mountpoint": "/home", | |
| "opts": "nodev" | |
| }, | |
| { | |
| "mountpoint": "/tmp", | |
| "opts": "nodev,noexec,nosuid" | |
| }, | |
| { | |
| "mountpoint": "/var" | |
| }, | |
| { | |
| "mountpoint": "/var/log" | |
| } | |
| ], | |
| "file-permissions": { | |
| "/dev/null" : ["root:root:020666"], | |
| "/dev/random": ["root:root:020666"], | |
| "/" : ["root:root:040755|040555"], | |
| "/home" : ["root:root:040755"], | |
| "/root" : ["root:root:040750|040550|040700"], | |
| "/tmp" : ["root:root:041777"], | |
| "/var/log" : ["root:root:040755"], | |
| "/var/tmp" : ["root:root:041777"], | |
| "/etc/crontab" : ["root:root:100644"], | |
| "/etc/cron.d" : ["root:root:040700"], | |
| "/etc/cron.hourly" : ["root:root:040755"], | |
| "/etc/cron.daily" : ["root:root:040755"], | |
| "/etc/cron.weekly" : ["root:root:040755"], | |
| "/etc/cron.monthly": ["root:root:040755"], | |
| "/etc/group" : ["root:root:100644"], | |
| "/etc/grub.conf" : ["root:root:100600"], | |
| "/etc/passwd": ["root:root:100644"], | |
| "/etc/shadow": ["root:root:100400|100000", "root:shadow:100640"], | |
| "/etc/ssh/sshd_config": ["root:root:100640|100600"], | |
| "files-in:/etc/profile.d/": ["root:root:100755|100644"], | |
| "files-in:/var/log/sudo/" : ["root:root:100400|100600"], | |
| "subdirs-in:/home/": ["::040700"] | |
| } | |
| }, | |
| "kernel": { | |
| "enable": 1, | |
| "verbose": 1, | |
| "forbidden-modules": [ | |
| "cramfs", | |
| "freevxfs", | |
| "jffs2", | |
| "hfs", | |
| "hfsplus", | |
| "squashfs", | |
| "udf" | |
| ], | |
| "runtime-parameters": { | |
| "kernel.exec-shield": 1, | |
| "kernel.randomize_va_space": 2, | |
| "net.ipv4.icmp_echo_ignore_broadcasts": 0, | |
| "net.ipv4.icmp_ignore_bogus_error_responses": 0, | |
| "net.ipv4.ip_forward": 0, | |
| "net.ipv4.tcp_syncookies": 1, | |
| "net.ipv4.conf.all.accept_redirects": 0, | |
| "net.ipv4.conf.all.accept_source_route": 0, | |
| "net.ipv4.conf.all.log_martians": 1, | |
| "net.ipv4.conf.all.rp_filter": 1, | |
| "net.ipv4.conf.all.secure_redirects": 0, | |
| "net.ipv4.conf.all.send_redirects": 0, | |
| "net.ipv4.conf.default.accept_redirects": 0, | |
| "net.ipv4.conf.default.accept_source_route": 0, | |
| "net.ipv4.conf.default.secure_redirects": 0, | |
| "net.ipv4.conf.default.log_martians": 1, | |
| "net.ipv4.conf.default.rp_filter": 1, | |
| "net.ipv4.conf.default.send_redirects": 0, | |
| "net.ipv6.conf.all.accept_ra": 0, | |
| "net.ipv6.conf.all.accept_redirects": 0, | |
| "net.ipv6.conf.default.accept_ra": 0, | |
| "net.ipv6.conf.default.accept_redirects": 0 | |
| } | |
| }, | |
| "packages": { | |
| "enable": 1, | |
| "verbose": 1, | |
| "package-manager": "rpm", | |
| "forbidden": [ | |
| "telnet", | |
| "telnet-server" | |
| ] | |
| }, | |
| "services": { | |
| "enable": 1, | |
| "verbose": 1, | |
| "runlevel": 3, | |
| "required": [ | |
| "/usr/sbin/atd", | |
| "/usr/sbin/sshd", | |
| "ntpd|/lib/systemd/systemd-timesyncd", | |
| "syslogd|/sbin/rsyslogd|/lib/systemd/systemd-journald" | |
| ], | |
| "forbidden": [ | |
| "xinetd" | |
| ] | |
| }, | |
| "sudo": { | |
| "enable": 1, | |
| "verbose": 1, | |
| "conf-mainfile": "/etc/sudoers", | |
| "conf-modulesdir": "/etc/sudoers.d", | |
| "excluded-users": ["root"] | |
| } | |
| } | |
| } |