Puppet Class: os_hardening::modules

Defined in:
manifests/modules.pp

Overview

Class: os_hardening::modules

Manage Kernel Modules

Parameters:

  • disable_filesystems (Array) (defaults to: ['cramfs','freevxfs','jffs2','hfs','hfsplus','squashfs','udf']) 


11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'manifests/modules.pp', line 11

class os_hardening::modules (
  Array $disable_filesystems =
    ['cramfs','freevxfs','jffs2','hfs','hfsplus','squashfs','udf'],
) {

  # Disable unused filesystems (os-10)
  file { '/etc/modprobe.d/dev-sec.conf':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0440',
    content => template('os_hardening/disable_fs.erb'),
  }

}