Changelog

v4.2.0 (2023-12-22)

Full Changelog

Closed issues:

• Dependency Dashboard #305
• Support for RHEL 8 / Rocky Linux 8 #279
• Linux Baseline tests are failing for os-13 #272
• chef exec rake lint fails, foodcritic deprecated #265

Merged pull requests:

• Update actions/upload-artifact action to v4 #312 (renovate[bot])
• Update actions/download-artifact action to v4 #311 (renovate[bot])
• Allow more changes to AuditD #310 (tdekoning93)
• CI: run for all PRs #309 (artem-sidorenko)
• Deprecation of Ubuntu 18.04 #308 (artem-sidorenko)
• CI: Update actions/checkout action to v4 #304 (renovate[bot])
• Removal of Gemfile and Rakefile #303 (artem-sidorenko)
• Testing on Oraclelinux 8 and 9 #302 (artem-sidorenko)
• Testing on Almalinux and Rockylinux 8/9 #301 (artem-sidorenko)
• Testing on the CentOS Stream 8 and 9 #300 (artem-sidorenko)
• Run tests on the current fedora 37 and 38 #299 (artem-sidorenko)
• Testing on debian 10 and 11 #298 (artem-sidorenko)
• Testing on ubuntu 18.04 and 20.04 #297 (artem-sidorenko)

* This Changelog was automatically generated by github_changelog_generator

Changelog

v4.1.2 (2023-06-06)

Full Changelog

Merged pull requests:

• CI: run the test workflow also on the release branches #295 (artem-sidorenko)

* This Changelog was automatically generated by github_changelog_generator

Changelog

v4.1.1 (2023-06-06)

Full Changelog

Merged pull requests:

• Removing coveralls #293 (artem-sidorenko)
• CI: fix - we need three guard jobs #292 (artem-sidorenko)

* This Changelog was automatically generated by github_changelog_generator

Changelog

v4.1.0 (2023-06-06)

Full Changelog

Closed issues:

• Amazon Linux 2 Auditd fails to restart #270
• pwquality.conf defaults or suggested config #267
• Configuration conflict when using both chef-ssh-hardening and chef-os-hardening #264
• Chef warning when /bin/su is a symlink #262
• os-hardening::profile recipe creating pinerolo_profile.sh file with .old extension on each chef-client run #255

Merged pull requests:

• CI : release workflow with upload to supermarket #290 (artem-sidorenko)
• CI: supermarket upload workflow #289 (artem-sidorenko)
• CI: disable debian-9 dokken tests for now #288 (artem-sidorenko)
• CI: add spellchecking with codespell #287 (schurzi)
• CI: another catch-all job for runs on the main code #286 (artem-sidorenko)
• CI: tests on the real DO VMs #285 (artem-sidorenko)
• CI : Kitchen - vagrant and dokken tests #284 (artem-sidorenko)
• CI: Configure Renovate #283 (renovate[bot])
• CI: run dokken jobs #282 (artem-sidorenko)
• CI: run cookstyle #281 (artem-sidorenko)
• CI: setup cinc WS in the GH actions #280 (artem-sidorenko)
• Hardening of crontabs and directories #273 (mfortin)
• Amazon Linux 2 AuditD issue #271 (mfortin)
• expose pam_unix.so options to an attribute #268 (bcg62)
• Fix warning on managing /bin/su symlink #263 (sean-nixon)
• Initial (sans Arch) auditd management support. #260 (b-dean)
• CI: testing of Centos 8 #259 (artem-sidorenko)
• CI: testing of Debian 10 #258 (artem-sidorenko)
• Fix CI: run testing on Chef 14 and 15 #256 (artem-sidorenko)

* This Changelog was automatically generated by github_changelog_generator

v4.0.0 (2019-04-10)

Full Changelog

Closed issues:

• Deprecated feature sysctl_param used #230

Merged pull requests:

• Update of metadata with supported distros #252 (artem-sidorenko)
• Removal of config disclaimer attribute #249 (artem-sidorenko)
• Docs: update of supported distros #247 (artem-sidorenko)
• Removal of fedora 27 as its EOL #246 (artem-sidorenko)
• Removal of Ubuntu 14.04 support #245 (artem-sidorenko)
• Removal of Debian 8 as its EOL #244 (artem-sidorenko)
• CI: improvements with handling of different chef versions #243 (artem-sidorenko)
• Updates of metadata and readme #242 (artem-sidorenko)
• Eliminating spacing for alligment #241 (artem-sidorenko)
• Update of rubocop to 0.65 #240 (artem-sidorenko)
• CI: Run unit tests on chef 14, update of some gems, small cleanup #239 (artem-sidorenko)
• Remove sysctl cookbook dependency and use new native sysctl resource #228 (josqu4red)

v3.2.1 (2019-03-07)

Full Changelog

Fixed bugs:

• execute[update-pam] resource fails on Ubuntu 14.04 on Azure #237
• exec-shield incompatible with Oracle Linux UEK #234

Merged pull requests:

• Use full path for executing pam-auth-update #238 (sean-nixon)
• Do not apply exec-shield if running Oracle Linux with UEK - addresses #234 #235 (eyespies)

v3.2.0 (2019-01-16)

Full Changelog

Closed issues:

• Missing cookbook Chai #232
• Bug: unable to use override to disable module #208
• PAM config prevents launching of GDM on Fedora 27 #206
• Migration to the new major sysctl cookbook version #198

Merged pull requests:

• Update the CI settings - this fixes it again #231 (artem-sidorenko)
• Update issue templates #229 (rndmh3ro)
• Fix CI: pin cucumber 3 #227 (artem-sidorenko)
• Make the daemon umask configurable #226 (jaksi)
• Ubuntu 18.04 is supported #223 (frederikbosch)
• Fix Fedora EOL #221 (artem-sidorenko)
• Fix fedora EOL in the CI #220 (artem-sidorenko)
• Fixing debian-9 CI tests #219 (artem-sidorenko)
• Fedora 26 is EOL, replacing with 28 #218 (artem-sidorenko)
• added ability to use template cookbook for login.defs #217 (ekelson-bcove)
• allow setting uid/gid max by attribute #215 (mattlqx)
• Update kitchen config for more platforms #213 (tas50)
• Add pam_systemd.so to system-auth-ac #207 (avanier)

v3.1.0 (2018-05-16)

Full Changelog

Fixed bugs:

• fix metadata #204 (chris-rock)

Closed issues:

• earlier version #205
• Make auditd recipe optional #200
• Dependency on pinned, old version of sysctl #192
• compat_resource deprecated #186
• Usage of azure as cloud provider for CI #183

Merged pull requests:

• Test with Foodcritic 13 #212 (tas50)
• Test on Ruby 2.4.4 #211 (tas50)
• use sysctl 1.0 #210 (dhohengassner)
• added mail_dir attribute and moved component attributes to attributes… #209 (ekelson-bcove)
• improve testing around amazon linux #202 (chris-rock)
• Container support and dokken tests in travis CI #199 (artem-sidorenko)
• Lazy pin the sysctl major version #197 (artem-sidorenko)
• Feature/allow setting template source #196 (eyespies)
• Unpin sysctl dependency #195 (artem-sidorenko)
• add basic support for amazon linux #194 (chris-rock)
• Fix fedora shadow permissions #190 (artem-sidorenko)
• Fedora 25 is EOL, replacing with 27 #189 (artem-sidorenko)
• Remove dependency on compat_resource #188 (bablakely)

v3.0.0 (2017-12-21)

Full Changelog

Closed issues:

• os-10 from linux-baseline is missing #167
• Removal of core dump hardening configuration if core dumps are allowed #165
• Integration testing of this cookbook in the CI #142
• Selinux enforcing support for RHEL/Centos? #106
• If I "enable" core dumps with chef-os-hardening, am I really fully enabling core dumps? #105

Merged pull requests:

• Skip auditd tests #181 (artem-sidorenko)
• Make fedora tests pass #179 (shoekstra)
• Control ownership of /var/log #178 (shoekstra)
• RH family: adapt some settings, as RH has better defaults #177 (artem-sidorenko)
• Fix for fedora: lets use generic package resource #176 (artem-sidorenko)
• Kitchen: Using the same names for platforms for different drivers #175 (artem-sidorenko)
• Enable core dumps if they are enabled via attribute #174 (artem-sidorenko)
• Selinux enforcing support for RHEL/Centos #173 (AnMoeller)
• Kitchen: Update of testing boxes/images #172 (artem-sidorenko)
• Lets disable unused filesystems per default #169 (artem-sidorenko)

v2.1.1 (2017-08-21)

Full Changelog

Closed issues:

• Cookbook fails on CentOS Linux release 7.2.1511 - kernel.exec-shield #166

Merged pull requests:

• Fix: do not touch exec-shield on RHEL 7 #168 (artem-sidorenko)