Add attribute to control login.defs PASS_WARN_AGE #135
Conversation
|
@ncs-alane thanks for the nice pr. i need some time to review it. can you please add a short description about the new attribute in the README.md |
|
@atomic111 sure thing! |
There was a problem hiding this comment.
@ncs-alane thank you for this PR!
Could you please move the test improvements (cached chef-runs and changes of expect/syntax) to a dedicated PR (see my question to @chris-rock above regarding the syntax change). Its a bit hard to review, still if there is a good commit order. The main intention of this PR is to introduce the pass_warn_age and not to improve the tests, still if this is a good thing :-)
| expect(chef_run).to include_recipe 'os-hardening::profile' | ||
| expect(chef_run).to include_recipe 'os-hardening::securetty' | ||
| expect(chef_run).to include_recipe 'os-hardening::sysctl' | ||
| is_expected.to include_recipe 'os-hardening::packages' |
There was a problem hiding this comment.
@chris-rock as far I can remember we have everywhere the expect(chef_run) syntax. What do you think, is this change Ok for us?
I personally would like to have this changes everywhere (incl. other chef repos) and in the dedicated PR(s).
|
@artem-sidorenko okay, I've reverted the test changes and moved them to #136. |
|
@ncs-alane that looks much more better :-) Many thanks for splitting of this PR. May I ask you to cleanup the commit history by squashing the commits? @atomic111 LGTM when the history is clean |
ncs-alane
force-pushed
the
ncs-alane-pass-warn-age
branch
from
6f22c61 to
b6d70c9
Compare
|
@artem-sidorenko done like dinner! |
|
@ncs-alane thank you! Lets wait a bit for @atomic111 to have look (it looks like he is a bit busy currently with something). I'll try to review the test improvements in the next days |
|
@ncs-alane thank you for the great work!!! |
|
@atomic111 you're very welcome! |
Adds
node['os-hardening']['auth']['pass_warn_age']with a default of7, and passes it to the/etc/login.defstemplate.