Class badperms::badperms
In: /tmp/puppet/modules/badperms/manifests/init.pp
Parent:

Class: badperms

Module: badperms

Description:

        Creates a daily cron job that checks for bad permission settings
        such as world writable files, sticky bits not set on a+w directories,
        non-whitelisted suid/guid executables, unowned files, and root ownership
        for world-writable directories.  This cron job attempts to fix any item
        found.

Requires: cron must run the cron.daily folder

LinuxGuide

        2.2.3.2
        2.2.3.3
        2.2.3.4
        2.2.3.5
        2.2.3.6

CCERef#:

        CCE-3399-3
        CCE-3795-2
        CCE-3324-1
        CCE-4178-0
        CCE-4223-4
        CCE-3573-3

File: /etc/puppet/modules/badperms/manifests/init.pp

Resources

Resources

File["/etc/cron.daily/badperms.cron"]
   owner => "root"
   group => "root"
   mode => 755
   content => template("badperms/badperms.cron.erb")

GuideSections 2.2.3.2 - 2.2.3.6

[Validate]