Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions of /var/log/apt/eipp.log.xz #82

Open
opentokix opened this issue May 30, 2024 · 2 comments
Open

Permissions of /var/log/apt/eipp.log.xz #82

opentokix opened this issue May 30, 2024 · 2 comments
Assignees
@tom-krieger
Labels
bug Something isn't working

Comments

@opentokix
Copy link

This file is under /var/log and is world readable (and getting changes back to world readable) so this will generate endless changes for the puppet runs when you enable

cis_security_hardening::rules::logfile_permissions:enforce: true

Non-world readable generic logfiles is good for the benchmark, but this file need to be ignored somehow.

See answer on the debian mailinglist here
@tom-krieger tom-krieger added the bug Something isn't working label Jun 23, 2024
@tom-krieger
Copy link
Owner

Will check that.

@tom-krieger
Copy link
Owner

I currently use npwalker-recursive_file_permissions to set the permissions. This module ha as far as i know no exclude lists or something similar. Maybe I can write a PR for the module or use something different.

@tom-krieger tom-krieger self-assigned this Aug 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tom-krieger tom-krieger

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@opentokix @tom-krieger