Project

General

Profile

Bug #15431

Guard against non-audit mode on node

Added by Nicolas CHARLES 3 months ago. Updated 15 days ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
User visibility:
Effort required:
Priority:
0

Description

We want to have a node local file that tells "this node must be on audit". Suggested file name: /opt/rudder/etc/force-audit-agent

If the policies downloaded from the server is not "audit", then stop execution and report error.

File can be set and unset with
rudder agent set-force-audit
rudder agent unset-force-audit


Subtasks

Bug #15458: Adapt techniques to stop agent if it's not in audit and the audit is enforcedReleasedAlexis MOUSSETActions
Bug #15459: add a rudder agent command to force/unforce audit modeReleasedAlexis MOUSSETActions

Associated revisions

Revision be00fc4b (diff)
Added by Nicolas CHARLES 3 months ago

Fixes #15431: Guard against non-audit mode on node

Revision 32723538 (diff)
Added by Nicolas CHARLES 3 months ago

Refs #15431: Update techniques to have up to date techniques

History

#1

Updated by Nicolas CHARLES 3 months ago

  • Status changed from New to In progress
  • Assignee set to Nicolas CHARLES
#2

Updated by Nicolas CHARLES 3 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2385
#3

Updated by Nicolas CHARLES 3 months ago

  • Status changed from Pending technical review to Pending release
#4

Updated by Vincent MEMBRÉ 15 days ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.0~beta1 which was released today.

Also available in: Atom PDF