Feature #16207

Allow users to provide custom hiera configuration

Added by Chris Roberts 6 months ago. Updated 4 months ago.

Status:Closed
Priority:Normal
Assigned To:Stephen Benjamin
Category:foreman-installer script
Target version:-
Difficulty:easy Bugzilla link:1305782
Found in release: Pull request:https://github.com/theforeman/foreman-installer/pull/206, https://github.com/theforeman/foreman-installer/pull/205, https://github.com/theforeman/foreman-installer/pull/204
Story points-
Velocity based estimate-
Release1.14.0Release relationshipAuto

Description

Cloned from Bugzilla

Description of problem:
default install of satellite 6.1.5 has Apache configured with TraceEnabled On
This causes generic security auditors to panic and raise red flags

Version-Release number of selected component (if applicable):
6.1.5

How reproducible:
Every time

Steps to Reproduce:
1. Install Satellite 6.1.5
2. Pay some security auditor to scan it
3.

Actual results:
Trace/Track enabled

Expected results:
Should be disabled

Additional info:
had to modify /etc/httpd/conf/httpd.conf

Associated revisions

Revision cd995d8d
Added by Stephen Benjamin 4 months ago

fixes #16207 - allow users to provide custom hiera configuration

Revision 9b69685f
Added by Dominic Cleal 4 months ago

refs #16207 - generate custom.yaml symlink during build phase

Ensures the build phase of the Rakefile can be run with a different
prefix to the installation phase, for use in package builds where the
installation phase prefix is not the standard directory. Matches how
configuration files all have paths set in the build phase.

Revision 0a7d47d5
Added by Dominic Cleal 4 months ago

refs #16207 - move foreman-hiera.conf out of _build/config

History

#1 Updated by Chris Roberts 6 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppetlabs-apache/pull/2 added

#2 Updated by Chris Roberts 6 months ago

  • Release set to 1.13.0

#3 Updated by Chris Roberts 6 months ago

  • Status changed from Ready For Testing to Rejected

#4 Updated by Dominic Cleal 6 months ago

  • Release deleted (1.13.0)

#5 Updated by Stephen Benjamin 4 months ago

  • Project changed from Foreman to Installer
  • Subject changed from TRACE enabled in httpd.conf to Allow users to provide custom hiera configuration
  • Category deleted (Security)
  • Status changed from Rejected to New
  • Assigned To changed from Chris Roberts to Stephen Benjamin
  • Pull request deleted (https://github.com/theforeman/puppetlabs-apache/pull/2)

#6 Updated by The Foreman Bot 4 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-installer/pull/204 added

#7 Updated by Dominic Cleal 4 months ago

  • Tracker changed from Bug to Feature
  • Category set to foreman-installer script
  • Release set to 1.14.0

#8 Updated by Anonymous 4 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by The Foreman Bot 4 months ago

  • Pull request https://github.com/theforeman/foreman-installer/pull/205 added

#10 Updated by The Foreman Bot 4 months ago

  • Pull request https://github.com/theforeman/foreman-installer/pull/206 added

Also available in: Atom PDF