Theoretically that's the way to do it in Puppet, but as other people point out, it would be much simpler to block things from being installed in the first place. "ensure => purged" might get you better results from providers that handle dependencies; however, I have mixed results with yum when doing this. The problem with ensure => absent with dependency-driven package providers is that it won't be able to figure out which order to uninstall them in. Lastly, any time the OS provider changes the dependencies in one of your whitelisted packages you have to go and re-check your list, so I'd really concentrate on stopping any extra software being installed in the first place - save yourself the management nightmare.

On 02/05/12 06:42, Jörgen Maas wrote:
On Tue, May 1, 2012 at 10:38 PM, bainar <andrew.r.b...@gmail.com> wrote:

    Can anyone tell me if it is possible to explicitly specify the only
    allowed packages on a host (modules on a node?) - i.e. a white list?
    This is for hardening a VPS in the cloud.


Shouldn't it work using a resource default, something like:

Package {
  ensure => absent,
}

$whitelist = ["foo", "bar", "baz"]

package { $whitelist:
  ensure => present,
}


--
Grtz,
Jörgen Maas
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.


--
Luke Bigum

Information Systems
Ph: +44 (0) 20 3192 2520
luke.bi...@lmax.com | http://www.lmax.com
LMAX, Yellow Building, 1A Nicholas Road, London W11 4AN
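
An added example, not part of the thread: a read-only audit that compares a host's installed packages against a whitelist, keeps the whitelist's transitive dependencies, and lists everything else with dependents before their dependencies, which is the ordering problem raised above. The package names and dependency map are constructed sample data; on a real host they would come from the package manager's own queries.

```python
# Constructed sample data: installed package -> packages it depends on.
INSTALLED_DEPS = {
    "openssh-server": ["openssl-libs", "glibc"],
    "openssl-libs": ["glibc"],
    "glibc": [],
    "httpd": ["apr", "glibc"],
    "apr": ["glibc"],
    "telnet": ["glibc"],
}
WHITELIST = {"openssh-server"}  # hypothetical whitelist for a hardened host


def required_closure(whitelist, deps):
    """Whitelisted packages plus everything they transitively depend on."""
    keep, stack = set(), [p for p in whitelist if p in deps]
    while stack:
        pkg = stack.pop()
        if pkg not in keep:
            keep.add(pkg)
            stack.extend(d for d in deps[pkg] if d in deps)
    return keep


def removal_order(whitelist, deps):
    """Unapproved packages, ordered so dependents precede their dependencies."""
    extra = set(deps) - required_closure(whitelist, deps)
    order, seen = [], set()

    def visit(pkg):
        if pkg in seen:  # also stops recursion on dependency cycles
            return
        seen.add(pkg)
        # Any other unapproved package that needs pkg has to go first.
        for other in sorted(extra):
            if pkg in deps[other]:
                visit(other)
        order.append(pkg)

    for pkg in sorted(extra):
        visit(pkg)
    return order


if __name__ == "__main__":
    print("keep:  ", sorted(required_closure(WHITELIST, INSTALLED_DEPS)))
    print("remove:", removal_order(WHITELIST, INSTALLED_DEPS))
```

Re-running the audit after a vendor update shows the drift described in the reply: if a whitelisted package gains a new dependency, that dependency moves from the removal list to the keep set without the whitelist itself changing.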


