https://github.com/simp/pupmod-simp-incron

A SIMP Puppet module for managing incron
https://github.com/simp/pupmod-simp-incron

incron simp

Last synced: 10 months ago
JSON representation

A SIMP Puppet module for managing incron

• Host: GitHub
• URL: https://github.com/simp/pupmod-simp-incron
• Owner: simp
• License: other
• Created: 2016-12-07T13:50:29.000Z (over 9 years ago)
• Default Branch: master
• Last Pushed: 2023-10-24T15:34:29.000Z (over 2 years ago)
• Last Synced: 2024-04-19T10:51:52.284Z (about 2 years ago)
• Topics: incron, simp
• Language: Ruby
• Size: 152 KB
• Stars: 0
• Watchers: 16
• Forks: 15
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG
  • License: LICENSE

Awesome Lists containing this project

README

          
[![License](https://img.shields.io/:license-apache-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0.html)

[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/73/badge)](https://bestpractices.coreinfrastructure.org/projects/73)

[![Puppet Forge](https://img.shields.io/puppetforge/v/simp/incron.svg)](https://forge.puppetlabs.com/simp/incron)

[![Puppet Forge Downloads](https://img.shields.io/puppetforge/dt/simp/incron.svg)](https://forge.puppetlabs.com/simp/incron)

[![Build Status](https://travis-ci.org/simp/pupmod-simp-incron.svg)](https://travis-ci.org/simp/pupmod-simp-incron)

#### Table of Contents

1. [Description](#description)

2. [Setup - The basics of getting started with incron](#setup)

    * [What incron affects](#what-incron-affects)

3. [Usage - Configuration options and additional functionality](#usage)

4. [Reference - An under-the-hood peek at what the module is doing and how](#reference)

5. [Limitations - OS compatibility, etc.](#limitations)

6. [Development - Guide for contributing to the module](#development)

    * [Acceptance Tests - Beaker env variables](#acceptance-tests)

## Description

This module manages the incron packages, service, and /etc/incron.allow.

**WARNING:**

> There were issues in early versions of incron 0.5.12. Please ensure that you

> are using at least version 0.5.12-10 or later on EL 7+.

### This is a SIMP module

This module is a component of the [System Integrity Management Platform](https://simp-project.com),

a compliance-management framework built on Puppet.

It is designed to be used within a larger SIMP ecosystem, but it can be used

independently:

 * When included within the SIMP ecosystem, security compliance settings will

   be managed from the Puppet server.

 * If used as an independent module, all SIMP-managed security subsystems are

   disabled by default and must be explicitly opted into by administrators.

   Please review the parameters in [`simp/simp_options`][simp_simp_options] for

   details.

If you run into problems, please let us know by filing an issue at

https://simp-project.atlassian.net/.

## Setup

### What incron affects

  * incron package

  * incrond service

  * `/etc/incron.deny`

  * `/etc/incron.allow`

## Usage

To use this module, just call the class. This example adds it to a class list in hiera:

```yaml

---

classes:

  - incron

```

Users can also be added to `/etc/incron.allow` with the `incron::user` defined type, or

the `incron::users` array in hiera. The following example adds a few users to `/etc/incron.allow`:

```yaml

incron::users:

  - foo

  - bar

```

New system table entries can be added to `/etc/incron.d/` directory with the `incron::system_table` defined type, or

with the `incron::system_table` hash in hiera. The following example adds two new system table entries to `/etc/incron.d/` 

directory and removes unmanaged files: 

```yaml

incron::purge: true

incron::system_table:

  allowrw:

    path: '/data/'

    command: '/usr/bin/chmod -R 774 $@/$#'

    mask: ['IN_CREATE']

  deletelog:

    path: '/var/run/daemon'

    command: '/usr/bin/rm /var/log/daemon.log'

    mask: ['IN_DELETE']

```

## Reference

Please refer to the inline documentation within each source file, or to the module's generated YARD documentation for reference material.

## Limitations

SIMP Puppet modules are generally intended for use on Red Hat Enterprise Linux and compatible distributions, such as CentOS. Please see the [`metadata.json` file](./metadata.json) for the most up-to-date list of supported operating systems, Puppet versions, and module dependencies.

## Development

Please read our [Contribution Guide] (https://simp.readthedocs.io/en/stable/contributors_guide/index.html).

### Acceptance tests

This module includes [Beaker](https://github.com/puppetlabs/beaker) acceptance tests using the SIMP [Beaker Helpers](https://github.com/simp/rubygem-simp-beaker-helpers).  By default the tests use [Vagrant](https://www.vagrantup.com/) with [VirtualBox](https://www.virtualbox.org) as a back-end; Vagrant and VirtualBox must both be installed to run these tests without modification. To execute the tests run the following:

```shell

bundle install

bundle exec rake beaker:suites

```

Please refer to the [SIMP Beaker Helpers documentation](https://github.com/simp/rubygem-simp-beaker-helpers/blob/master/README.md) for more information.