Puppet Class: linux_secured::clear_caches

Defined in:
manifests/clear_caches.pp

Summary

This class contains the Puppet code that implements the default Facter cache invalidation rules.

Overview

linux_secured::clear_caches

Whenever one of a certain set of Puppet classes or defined types is applied, this class clears the Facter caches of the implemented facts that belong to it.

See the file “LICENSE” for the full license governing this code.



# File 'manifests/clear_caches.pp', line 10

class linux_secured::clear_caches () {
  # Every stanza below follows the same pattern:
  #   1. declare a fact_cache resource titled with a fact name, with
  #      ensure => 'absent' and refreshonly => true;
  #   2. collect every instance of one Linux_secured::Controls::* type in the
  #      catalog with `<||>` and chain it with the notifying arrow `~>` to that
  #      fact_cache resource.
  # `~>` applies the control first and sends a refresh event to the fact_cache
  # resource when the control changes something.
  #
  # NOTE(review): fact_cache is a custom type that is not shown in this file.
  # Going by the parameter names, refreshonly => true means the cache entry is
  # only removed in response to such a refresh event - confirm against the type.
  #
  # Consequences worth knowing when relying on these facts for compliance
  # reporting:
  #   - A collector that matches nothing (the control is not in the catalog)
  #     sends no event, so this class never clears that cache entry.
  #   - A change made outside Puppet (for example a hand-edited sudoers file)
  #     produces no refresh event here. How long a stale value can then be
  #     served depends on the cache's own expiry, which is not visible in this
  #     file - TODO confirm.
  #   - `<||>` also realizes virtual resources of the collected type.
  #
  # The titles are reproduced exactly as written (including spellings such as
  # 'wih', 'permissve' and 'periode'); presumably they must match the fact
  # names defined elsewhere in the module, so do not correct them here alone.

  # --- sudo / privilege escalation ---
  fact_cache { 'contains_sudo_noauthenticate_rules':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Re_authentication_for_privilege_escalation_is_not_disabled_globally<||> ~> Fact_cache['contains_sudo_noauthenticate_rules']

  fact_cache { 'contains_sudo_nopasswd_rules':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Users_must_provide_password_for_escalation<||> ~> Fact_cache['contains_sudo_nopasswd_rules']

  fact_cache { 'contains_sudo_timestamp_timeout':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Sudo_authentication_timeout_is_configured_correctly<||> ~> Fact_cache['contains_sudo_timestamp_timeout']

  # --- per-user files and home directory ownership ---
  fact_cache { 'forward_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_users_have_forward_files<||> ~> Fact_cache['forward_files']

  fact_cache { 'home_directories_not_owner_by_user':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Users_own_their_home_directories<||> ~> Fact_cache['home_directories_not_owner_by_user']

  # --- SSH host key file permissions ---
  fact_cache { 'incorrect_configured_private_host_keys':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Permissions_on_ssh_private_host_key_files_are_configured<||> ~> Fact_cache['incorrect_configured_private_host_keys']

  fact_cache { 'incorrect_configured_public_host_keys':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Permissions_on_ssh_public_host_key_files_are_configured<||> ~> Fact_cache['incorrect_configured_public_host_keys']

  fact_cache { 'netrc_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_users_have_netrc_files<||> ~> Fact_cache['netrc_files']

  # --- audit, package signing and su access ---
  fact_cache { 'privileged_commands':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Use_of_privileged_commands_are_collected<||> ~> Fact_cache['privileged_commands']

  fact_cache { 'repos_with_gpg_disabled':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Gpgcheck_is_globally_activated<||> ~> Fact_cache['repos_with_gpg_disabled']

  fact_cache { 'restricted_sudo_group':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Access_to_the_su_command_is_restricted<||> ~> Fact_cache['restricted_sudo_group']

  fact_cache { 'rhosts_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_users_have_rhosts_files<||> ~> Fact_cache['rhosts_files']

  # --- system accounts ---
  # System_accounts_are_secured is the notifier for both of the next two cache
  # entries.
  fact_cache { 'system_accounts_wih_invalid_shell':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::System_accounts_are_secured<||> ~> Fact_cache['system_accounts_wih_invalid_shell']

  fact_cache { 'system_accounts_with_usable_password':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::System_accounts_are_secured<||> ~> Fact_cache['system_accounts_with_usable_password']

  # --- permissions on user dot files, .netrc files and home directories ---
  fact_cache { 'to_permissive_dot_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Users_dot_files_are_not_group_or_world_writable<||> ~> Fact_cache['to_permissive_dot_files']

  fact_cache { 'to_permissive_netrc_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Users_netrc_files_are_not_group_or_world_accessible<||> ~> Fact_cache['to_permissive_netrc_files']

  fact_cache { 'to_permissve_home_directories':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Users_home_directories_permissions_are_750_or_more_restrictive<||> ~> Fact_cache['to_permissve_home_directories']

  # --- files without a valid group or owner ---
  fact_cache { 'ungrouped_files_and_directories':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_ungrouped_files_or_directories_exist<||> ~> Fact_cache['ungrouped_files_and_directories']

  fact_cache { 'unowned_files_and_directories':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_unowned_files_or_directories_exist<||> ~> Fact_cache['unowned_files_and_directories']

  # --- password ageing ---
  fact_cache { 'users_with_long_expiration':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Password_expiration_is_365_days_or_less<||> ~> Fact_cache['users_with_long_expiration']

  fact_cache { 'users_with_long_lock_periode':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Inactive_password_lock_is_30_days_or_less <||> ~> Fact_cache['users_with_long_lock_periode']

  fact_cache { 'users_with_pwdchange_in_future':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::All_users_last_password_change_date_is_in_the_past<||> ~> Fact_cache['users_with_pwdchange_in_future']

  # This cache entry has two notifiers.
  # NOTE(review): the second one, Password_expiration_warning_days_is_7_or_more,
  # is also the notifier for 'users_with_short_warning_periode' in the next
  # stanza. Confirm that refreshing 'users_with_short_expiration' from the
  # warning-days control is intended and not a copy of that line.
  fact_cache { 'users_with_short_expiration':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Minimum_days_between_password_changes_is_7_or_more <||> ~> Fact_cache['users_with_short_expiration']
  Linux_secured::Controls::Password_expiration_warning_days_is_7_or_more<||> ~> Fact_cache['users_with_short_expiration']

  fact_cache { 'users_with_short_warning_periode':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Password_expiration_warning_days_is_7_or_more<||> ~> Fact_cache['users_with_short_warning_periode']

  # --- account sanity ---
  fact_cache { 'users_without_home_directory':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::All_users_home_directories_exist<||> ~> Fact_cache['users_without_home_directory']

  fact_cache { 'users_without_password':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::Password_fields_are_not_empty<||> ~> Fact_cache['users_without_password']

  fact_cache { 'world_writable_files':
    ensure      => 'absent',
    refreshonly => true,
  }
  Linux_secured::Controls::No_world_writable_files_exist<||> ~> Fact_cache['world_writable_files']
}