On Apr 6, 2009, at 3:08 PM, Stephen John Smoogen wrote:
> >> - The hardening module I would break out each of these services into >> separate modules, so it's more generic. The hardening class itself I >> would consider a 'role' that would then include all of these modules >> (I have roles exist in the manifest folder and called by site.pp) >> - your logindefs class I would consider part of a shadow module that >> then has your specific security policy >> - your modules are very centos/RH specific any plans on making them >> apply to other OSes? >> - If you are removing packages I would suggest by default installing >> the package and then creating an ::absent class to remove or >> a ::disable to stop the service but have the module installed. This >> also then allows for keeping the package current via that module. > > Ah so thats the best practice for that. >> Keep in mind these are not hardline rules but things I've seen work for others. Also from the module collection I'm creating it seems to work very well. -L -- Larry Ludwig Reductive Labs --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
