cfbs add delete-files
A simple module to delete specific files.
It allows you to specify a list of files you want deleted on hosts in your infrastructure. When this module is deployed as part of your policy set, every time CFEngine runs, it will check if those files exist, and delete them if they do.
Recommendation: Enforce the removal of files known to be malicious or indicating insecure configuration. Examples of such files are `~/.shosts` files, `/etc/cron.deny`, etc.
This module accepts input. Both the cfbs CLI and Mission Portal (3.21 and beyond) allow you to specify the files you want deleted. Here is an example of what it looks like in Mission Portal:
delete_files:delete_files.files
Array of dicts having path and why keys.
path must be a regular expression matching the fully qualified path to a filewhy should explain why the file being absent is important {
"variables": {
"delete_files:delete_files.files": {
"comment": "Files and their required permissions",
"value": [
{
"why": "The file lists remote hosts and users that are trusted by the local system when using the rshd daemon and can allow unauthenticated access to the system. Reccomended by CIS CCE-84145-2.",
"path": "/etc/hosts.equiv"
},
{
"why": "The file lists remote hosts and users that are trusted by the local system when using the rshd daemon and can allow unauthenticated access to the system. Reccomended by CIS CCE-84145-2.",
"path": "/home/.*/.rhosts"
},
{
"why": "The file lists remote hosts and users that are trusted by the local system when using the rshd daemon and can allow unauthenticated access to the system. Reccomended by CIS CCE-84145-2.",
"path": "/root/.rhosts"
}
]
}
}
}Notes:
delete_files:DEBUG or default:DEBUG define results in DEBUG reports from policy.path and why keys is supported.why key is supported.why key added in version 2.0.0.This module has no dependencies