def configure_cron():
"""5.1 Configure cron"""
# 5.1.1 Ensure cron daemon is enabled
Service('crond').enable()
# 5.1.2 - 5.1.8
exec_shell([
'chown root:root /etc/crontab',
'chmod og-rwx /etc/crontab',
'chown root:root /etc/cron.hourly',
'chmod og-rwx /etc/cron.hourly',
'chown root:root /etc/cron.daily',
'chmod og-rwx /etc/cron.daily',
'chown root:root /etc/cron.weekly',
'chmod og-rwx /etc/cron.weekly',
'chown root:root /etc/cron.monthly',
'chmod og-rwx /etc/cron.monthly',
'chown root:root /etc/cron.d',
'chmod og-rwx /etc/cron.d',
'rm -f /etc/cron.deny',
'rm -f /etc/at.deny',
'touch /etc/cron.allow',
'touch /etc/at.allow',
'chmod og-rwx /etc/cron.allow',
'chmod og-rwx /etc/at.allow',
'chown root:root /etc/cron.allow',
'chown root:root /etc/at.allow'
])
def disable_special_services():
"""2.2.3 - 2.2.14, 2.2.16"""
services = [
'avahi-daemon', 'cups', 'dhcpd', 'slapd', 'nfs', 'rpcbind', 'named',
'vsftpd', 'httpd', 'dovecot', 'smb', 'squid', 'snmpd', 'ypserv'
]
for srv in services:
Service(srv).disable()
def disable_inetd_services():
"""2.1 inetd Services"""
services = [
'chargen-dgram', 'chargen-stream', 'daytime-dgram', 'daytime-stream',
'discard-dgram', 'discard-stream', 'echo-dgram', 'echo-stream',
'time-dgram', 'time-stream', 'rexec', 'rlogin', 'rsh', 'talk',
'telnet', 'tftp', 'rsync', 'xinetd'
]
for srv in services:
Service(srv).disable()
def disable_automounting():
"""1.1.19 Disable Automounting"""
Service('autofs').disable()