c40f1d531b
- Add 22.04 to charmcraft.yaml - Update metadata to include jammy - Remove impish from metadata - Update osci.yaml to include py3.10 default job - Modify tox.ini to remove py35,py36,py37 tox target and add py310 target. - ensure that the openstack-origin is yoga - charmhelpers sync Change-Id: Ie37826e7803659f2f40eaac5f8d539cce5ef145b |
||
|---|---|---|
| .. | ||
| apache | ||
| audits | ||
| defaults | ||
| host | ||
| mysql | ||
| ssh | ||
| __init__.py | ||
| harden.py | ||
| README.hardening.md | ||
| templating.py | ||
| utils.py | ||
Juju charm-helpers hardening library
Description
This library provides multiple implementations of system and application hardening that conform to the standards of http://hardening.io/.
Current implementations include:
- OS
- SSH
- MySQL
- Apache
Requirements
- Juju Charms
Usage
-
Synchronise this library into your charm and add the harden() decorator (from contrib.hardening.harden) to any functions or methods you want to use to trigger hardening of your application/system.
-
Add a config option called 'harden' to your charm config.yaml and set it to a space-delimited list of hardening modules you want to run e.g. "os ssh"
-
Override any config defaults (contrib.hardening.defaults) by adding a file called hardening.yaml to your charm root containing the name(s) of the modules whose settings you want override at root level and then any settings with overrides e.g.
os: general: desktop_enable: True
-
Now just run your charm as usual and hardening will be applied each time the hook runs.