Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Puppet for hardening hosts

Hi. We are a Linux place and we recently purchased a new Solaris server. I was in the process of writing a shell script to do our hardening steps but I figured this would be a good time to implement Puppet in our environment.

So I want to use Puppet to do my Solaris hardening instead of running a post-install script. Is there something out there that I can base myself on to start this? This will be my first use of Puppet.

Also, I went through the Learning Puppet lessons with the learning VM. Now I want to start for real but I feel like it would be nice to have a base to use to start with something instead of starting with nothing at all. What is a good way to start doing manifests and templates for a new environment?

Thank you.

Puppet for hardening hosts

Hi. We are a Linux place and we recently purchased a new Solaris server. I was in the process of writing a shell script to do our hardening steps but I figured this would be a good time to implement Puppet in our environment.

So I want to use Puppet to do my Solaris hardening instead of running a post-install script. Is there something out there that I can base myself on to start this? This will be my first use of Puppet.

Also, I went through the Learning Puppet lessons with the learning VM. Now I want to start for real but I feel like it would be nice to have a base to use to start with something instead of starting with nothing at all. What is a good way to start doing manifests and templates for a new environment?

Thank you.

=============

EDIT: So then, let's say I need to modify the following files:

/etc/profile /etc/default/passwd /etc/passwd /etc/shadow /etc/ssh/sshd_config /etc/X11/gdm/gdm.conf

Should I create 1 manifest that will take care of all those files, or should I create separate manifests for each files? Other ideas?