Puppet Class: psick::hardening::packages

Defined in:
manifests/hardening/packages.pp

Overview

Generic class to remove unnecessary packages

Examples:

Remove gcc from all systems

psick::hardening::packages::packages_to_remove:
  - gcc

Parameters:

  • packages_to_remove (Array)

    List of packages to remove

  • packages_default (Array)

    Default list, OS dependent, of packages to remove

  • remove_default_packages (Boolean) (defaults to: true)

    If to remove the packages_default

  • manage (Boolean) (defaults to: $psick::manage)
  • noop_manage (Boolean) (defaults to: $psick::noop_manage)
  • noop_value (Boolean) (defaults to: $psick::noop_value)


11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'manifests/hardening/packages.pp', line 11

class psick::hardening::packages (
  Array $packages_to_remove,
  Array $packages_default,
  Boolean $remove_default_packages = true,
  Boolean $manage                  = $psick::manage,
  Boolean $noop_manage             = $psick::noop_manage,
  Boolean $noop_value              = $psick::noop_value,
) {
  if $manage {
    if $noop_manage {
      noop($noop_value)
    }
    $packages = $remove_default_packages ? {
      true  => $packages_to_remove + $packages_default,
      false => $packages_to_remove,
    }

    $packages.each |$pkg| {
      package { $pkg:
        ensure => absent,
      }
    }
  }
}