linux-baseline icon indicating copy to clipboard operation
linux-baseline copied to clipboard

Published 20 hours ago verified publisher icon dev-sec

Test verification for package removal

Open chris-rock opened this issue 9 years ago • 1 comments

We need to test a default setting for package removal, since the current state my be a little bit confusing for hardening implementors. See the following discussions:

  • https://github.com/hardening-io/chef-os-hardening/pull/12
  • https://github.com/hardening-io/ansible-os-hardening/pull/30

Currently, we decided to set the default for package removal to true:

default[:security][:packages][:clean] = true

chris-rock avatar Jun 24 '15 08:06 chris-rock

Isn't this done here, or do I not understand the issue? https://github.com/hardening-io/tests-os-hardening/blob/master/lockdown/inspec/package_spec.rb

rndmh3ro avatar Feb 05 '16 16:02 rndmh3ro