mukulm
2012-Mar-20 10:12 UTC
[Puppet Users] Secure hostname/Serial number through puppet before signing certs
Hi, I want to apply a security check on hostnames in my domain (abc.example.com) so that puppet should verify the hostname or serial number through "dmidecode -s system-serial-number" instead of "facter| grep -i serial" so that if any node in the domain changes the hostname of the system then also puppet should pick the hostname/serial number through "dmidecode -s system-serial-number" as I had configured " *.example.com " in my autosign.conf file. How can this be achived through puppet ? Also is there any other way so that I can secure my hostname in my domain. Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Mukul Malhotra
2012-Apr-03 14:10 UTC
[Puppet Users] Re: Secure hostname/Serial number through puppet before signing certs
Hi, How can I restrict other nodes or apply some security check to in my domain.For example I had two systems where one is connected with the puppet server for receiving updates & for second system''s I change the hostname to "test.example.com" & configure the system similar to the first system & runs puppetd -td --waitforcert 60 where it receives the updates from the puppet server. I want to restrict the same as I mentioned in my example with nodes within the domain & outside the domain.How can this be achieved ? Thanks mac01 On Tue, Mar 20, 2012 at 3:42 PM, mukulm <smilemukul2005@gmail.com> wrote:> Hi, > > I want to apply a security check on hostnames in my domain > (abc.example.com) so that puppet should verify the hostname or serial > number through "dmidecode -s system-serial-number" instead of "facter| > grep -i serial" so that if any node in the domain changes the hostname > of the system then also puppet should pick the hostname/serial number > through "dmidecode -s system-serial-number" as I had configured " > *.example.com " in my autosign.conf file. How can this be achived > through puppet ? > > Also is there any other way so that I can secure my hostname in my > domain. > > Thanks-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.