Puppet Class: security_baseline::sticky_world_writabe_cron

Defined in:

manifests/sticky_world_writabe_cron.pp

Summary

Create cron job for searching world writable dir3ctories with sticky bit

Overview

Create a cron ob for the search for world writable directories with sticky bit set.

Examples:

include security_baseline::sticky_world_writabe_cron

Parameters:

• dirs_to_exclude (Array) (defaults to: []) —

  Array of directories to exclude from search.

# File 'manifests/sticky_world_writabe_cron.pp', line 11

class security_baseline::sticky_world_writabe_cron (
  Array $dirs_to_exclude = [],
) {
  $filename = '/root/world-writable-files.txt'

  file { '/usr/share/security_baseline/bin/sticy-world-writable.sh':
    ensure  => present,
    content => epp('security_baseline/sticky-world-writeable.epp', {
      filename        => $filename,
      dirs_to_exclude => $dirs_to_exclude
    }),
    owner   => 'root',
    group   => 'root',
    mode    => '0700',
  }

  $min = fqdn_rand(60, 'ah  ue65^b  gdf^zrbzcê2zf^b w')

  file { '/etc/cron.d/sticky-world-writebale.cron':
    ensure  => present,
    content => epp('security_baseline/sticky-world-writeable.cron.epp', {min => $min}),
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
  }
}