Project

General

Profile

Actions

Bug #15431

closed

Guard against non-audit mode on node

Added by Nicolas CHARLES over 5 years ago. Updated about 5 years ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:

Description

We want to have a node local file that tells "this node must be on audit". Suggested file name: /opt/rudder/etc/force-audit-agent

If the policies downloaded from the server is not "audit", then stop execution and report error.

File can be set and unset with
rudder agent set-force-audit
rudder agent unset-force-audit


Subtasks 2 (0 open2 closed)

Bug #15458: Adapt techniques to stop agent if it's not in audit and the audit is enforcedReleasedAlexis MoussetActions
Bug #15459: add a rudder agent command to force/unforce audit modeReleasedAlexis MoussetActions
Actions #1

Updated by Nicolas CHARLES over 5 years ago

  • Status changed from New to In progress
  • Assignee set to Nicolas CHARLES
Actions #2

Updated by Nicolas CHARLES over 5 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2385
Actions #3

Updated by Nicolas CHARLES over 5 years ago

  • Status changed from Pending technical review to Pending release
Actions #4

Updated by Vincent MEMBRÉ about 5 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.0~beta1 which was released today.

Actions

Also available in: Atom PDF