Hi Alessandro, great start! I personally would make these changes to your modules. - The hardening module I would break out each of these services into separate modules, so it's more generic. The hardening class itself I would consider a 'role' that would then include all of these modules (I have roles exist in the manifest folder and called by site.pp) - your logindefs class I would consider part of a shadow module that then has your specific security policy - your modules are very centos/RH specific any plans on making them apply to other OSes? - If you are removing packages I would suggest by default installing the package and then creating an ::absent class to remove or a ::disable to stop the service but have the module installed. This also then allows for keeping the package current via that module.
I'm not really familiar with EAL4+ CAPP can you tell me more about this? How is something certified EAL4+ CAPP, and can something be certified? -L -- Larry Ludwig Reductive Labs --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
