Puppet Class: security_baseline::unowned_files_cron

Defined in:
manifests/unowned_files_cron.pp

Summary

Cron job that runs a search for unowned files

Overview

Create a cron job to run a search for unowned files.

Examples:

include security_baseline::unowned_files_cron

Parameters:

  • dirs_to_exclude (Array) (defaults to: [])

    Array of directories to exclude from search.



# File 'manifests/unowned_files_cron.pp', line 11

class security_baseline::unowned_files_cron (
  Array $dirs_to_exclude = [],
) {
  $unowned_user = '/usr/share/security_baseline/data/unowned_files_user.txt'
  $unowned_group = '/usr/share/security_baseline/data/unowned_files_group.txt'

  file { '/usr/share/security_baseline/bin/unowned_files.sh':
    ensure  => present,
    content => epp('security_baseline/unowned-files.epp', {
      unowned_user    => $unowned_user,
      unowned_group   => $unowned_group,
      dirs_to_exclude => $dirs_to_exclude,
    }),
    owner   => 'root',
    group   => 'root',
    mode    => '0700',
  }

  $min = fqdn_rand(60, 'aghfsbcHDFBCWDOFBCQWFQBFGH')

  file { '/etc/cron.d/unowned-files.cron':
    ensure  => present,
    content => epp('security_baseline/unowned-files.cron.epp', {min => $min}),
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
  }
}
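
The class renders `/usr/share/security_baseline/bin/unowned_files.sh` from the `unowned-files.epp` template, which this page does not show. The following is an added example, not the module's own script, of how such a search can honour `dirs_to_exclude` and write the two report files; the function names `find_orphans` and `run_report` and their argument layout are hypothetical.

```shell
#!/bin/sh
# Added example; not the module's unowned-files.epp template, which this page
# does not show. Function names and argument layout are hypothetical.

# find_orphans ROOT TEST [EXCLUDE_DIR...]
# TEST is -nouser (owner UID has no passwd entry) or -nogroup (GID has no group entry).
find_orphans() {
  root=$1; test_flag=$2; shift 2
  case $test_flag in
    -nouser|-nogroup) ;;
    *) echo "find_orphans: unsupported test: $test_flag" >&2; return 2 ;;
  esac
  # Turn the exclude list in "$@" into: ( -path D1 -o -path D2 ... ) -prune -o
  n=$#; first=1
  while [ "$n" -gt 0 ]; do
    dir=$1; shift; n=$((n - 1))
    if [ "$first" -eq 1 ]; then
      set -- "$@" '(' -path "$dir"; first=0
    else
      set -- "$@" -o -path "$dir"
    fi
  done
  if [ "$first" -eq 0 ]; then set -- "$@" ')' -prune -o; fi
  # -xdev stays on ROOT's filesystem; pruned directories are never descended into.
  # stderr is dropped because files can vanish mid-scan on a live system.
  find "$root" -xdev "$@" "$test_flag" -print 2>/dev/null
}

# run_report OUT_DIR ROOT [EXCLUDE_DIR...]
# Writes one report per test, using the file names from the class's
# $unowned_user and $unowned_group variables.
run_report() {
  out_dir=$1; scan_root=$2; shift 2
  (
    umask 077   # reports list paths worth auditing; keep them owner-only
    find_orphans "$scan_root" -nouser  "$@" > "$out_dir/unowned_files_user.txt"
    find_orphans "$scan_root" -nogroup "$@" > "$out_dir/unowned_files_group.txt"
  )
}
```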