Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

auditd (9) Versions 0.1.8

Installs/Configures auditd

Berkshelf/Librarian
Policyfile
Knife
cookbook 'auditd', '= 0.1.8'
cookbook 'auditd', '= 0.1.8', :supermarket
knife cookbook site install auditd
knife cookbook site download auditd
README
Dependencies
Changelog
Quality

auditd Cookbook

Cookbook Version

A simple cookbook to install auditd and provided rulesets. Rulesets included in the OS auditd/audit package as examples are based on 4 established standards:

The OS package provides the client side tools for working with the linux kernel audit framework.

Requirements

Linux : any distribution in theory, but only Ubuntu and RHEL 6 have been tested.

Attributes

  • node['auditd']['ruleset'] - ruleset to use, either "default" (the default if unset) or one of the provided examples
  • node['auditd']['backlog'] - backlog size, default is 320 should be larger for busy systems

Usage

If you're using one of the default rulesets set the correct attribute based on the ruleset desired, one of:

  • "capp" : Controlled Access Protection Profile
  • "lspp" : Labeled Security Protection Profile
  • "nispom" : National Industrial Security Program Operating Manual (NISPOM)
  • "stig" : Security Technical Implementation Guides
  • "cis" : Center for Internet Security auditd recommendations

And include recipe[auditd::rules] in your run list. You can also set the attribute node['auditd']['ruleset'] to the name of a custom rule template to be used instead of one of the default rules.

If you are using the recipe from a wrapper cookbook, include the default recipe recipe[auditd] to setup the service and use the auditd_ruleset resource to place your rule template of choice.

If you are not satisfied with any of the provided templates, you can specify the cookbook attribute in auditd_ruleset to use your own set of rules. In this case, do not include recipe[auditd::rules].

TODO

Ideally the auditd_ruleset resource could make use of a data bag search to build the data driven ruleset

Make builtins an array attribute to allow user updates without cookbook release.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

stig Applicable Versions

CHANGELOG for auditd

This file is used to list changes made in each version of auditd.

0.1.8:

  • add coc and contributing documents
  • update gitignore list for some chef related files
  • update supermarket uri
  • use correct restart command when under systemd on rhel
  • better rule definition support for rhel systems that no longer ship with examples
  • add test suite for capp rules

0.1.2:

  • excluded non-default rulesets for RedHat; they use a version-specific path that I can't find any easy way to determine programatically

0.1.1:

  • added RedHat support

0.1.0:

  • Initial release of auditd

Check the Markdown Syntax Guide for help with Markdown.

The Github Flavored Markdown page describes the differences between markdown on github and standard markdown.

Collaborator Number Metric
            

0.1.8 passed this metric