RyChannel
01/06/2025, 2:21 PMDavid Sandilands
01/06/2025, 2:32 PMRyChannel
01/06/2025, 2:56 PMRyChannel
01/06/2025, 3:50 PMRyChannel
01/06/2025, 4:51 PMRyChannel
01/08/2025, 2:48 PMspp
01/08/2025, 2:54 PMRyChannel
01/10/2025, 2:08 PMMike Loseke
01/13/2025, 7:46 PMspp
01/13/2025, 8:27 PMCVQuesty
01/13/2025, 9:41 PMCVQuesty
01/13/2025, 9:41 PMRyChannel
01/16/2025, 2:26 PMRyChannel
01/16/2025, 2:31 PMRyChannel
01/16/2025, 3:29 PMRyChannel
01/16/2025, 3:29 PMRyChannel
01/16/2025, 3:43 PMJacob Wade
02/24/2025, 10:31 PMChandler Hagan
03/05/2025, 6:09 PMbolt plan run complyadm::install
. The podman containers all look to be up, however I am unable to access the UI. Checking the network settings of the container, I see it is set to bridge mode. Am i missing some sort of configuration? Firewalld is disabled so I don't think its the firewallspp
03/05/2025, 6:56 PMRyChannel
03/07/2025, 3:30 PMRyChannel
04/08/2025, 3:40 PMkenyon
05/05/2025, 7:48 PMsce_linux::utils::packages::linux::auditd
but the response from support seems wrong. That class has an (undocumented) parameter $manage_auditd_rulesd
which to me seems clearly intended to be used for enabling full management of the directory /etc/audit/rules.d
, meaning that unmanaged files will be purged. That parameter defaults to false
. The bug is that setting that parameter to true
only sets purge => true
on the file
resource, and the recurse
attribute is missing. From the docs, purge
only makes sense when `recurse => true`: https://github.com/puppetlabs/puppet/blob/e227c27540975c25aa22d533a52424a9d2fc886a/references/types/file.md?plain=1#L492-L493
But the response from support was that this is intentional: "The sce_linux
module is designed to manage only the files it creates and does not purge others to avoid accidentally removing any custom configurations you may have in the same directory. Our team has intentionally chosen not to remove unmanaged files to prevent potential issues."
This response from support doesn't make sense because you can't accidentally remove custom configurations when the default value for the parameter is false
, you have to intentionally set it to true
. It is pretty clear that the parameter was intended to allow for purging unmanaged files, otherwise the parameter is useless. There is no other way to accomplish this, since the file
resource in sce_linux
is managing the directory, we can't also manage the directory in our own code.
Can we get this ticket reevaluated?RyChannel
05/06/2025, 2:41 PMOmar Morales
05/15/2025, 9:15 PM/v1/manage-default-desired-compliance
but if I'm not mistaken all this would do is change the default compliance for hosts added to the inventory during a sync, which is not what I'm necessarily looking for.
Seems like these profiles have to be managed manually but if anyone was able to accomplish setting these profiles using some kind of automation, I would love to hear how you did it.RyChannel
05/27/2025, 3:45 PMRyChannel
05/28/2025, 2:49 PMRyChannel
06/03/2025, 8:45 PMRyChannel
06/12/2025, 2:18 PMRyChannel
06/12/2025, 2:19 PM