Puppet Class: cis_security_hardening::rules::rhnsd

Defined in:
manifests/rules/rhnsd.pp

Summary

Disable the rhnsd Daemon

Overview

The rhnsd daemon polls the Red Hat Network web site for scheduled actions and, if there are, executes those actions.

Rationale: Patch management policies may require that organizations test the impact of a patch before it is deployed in a production environment. Having patches automatically deployed could have a negative impact on the environment. It is best to not allow an action by default but only after appropriate consideration has been made. It is recommended that the service be disabled unless the risk is understood and accepted or you are running your own satellite .

Examples:

class { 'cis_security_hardening::rules::rhnsd':
  enforce => true,
}

Parameters:

  • enforce (Boolean) (defaults to: false)

    Enforce the rule



21
22
23
24
25
26
27
28
29
30
 
# File 'manifests/rules/rhnsd.pp', line 21

class cis_security_hardening::rules::rhnsd (
  Boolean $enforce = false,
) {
  if $enforce {
    ensure_resource('service', 'rhnsd', {
        enable => false,
        ensure => stopped,
    })
  }
}