Table of Contents
This project is only approved for material that is completely releasable to the public.
Please do not upload material that has not been approved for public release.
If you are looking to use the SIMP materials on an existing system, instructions are available in the SIMP Documentation.
If you're using a new system, such as a fresh VM or a bare metal system, you will want to follow the instructions for building an ISO.
Product documentation is housed at ReadTheDocs.org.
NOTE
Release packages are now hosted on PackageCloud
Release Tarballs and ISOs (CentOS powered) can be found at https://simp-project.com/ISO/SIMP
There is also a RPM archive now availble.
Older releases can be found on BinTray
Installation guidance can be found in the official SIMP documentation.
- 6.0.0-RC1
- 5.2.1-0
- Red Hat Enterprise Linux
- RHEL 7.2 (download)
- CentOS
- Red Hat Enterprise Linux
- 4.3.1-0
For those out there that just want the goods, the actual code for the SIMP project is hosted under the SIMP GitHub Organization.
SIMP is a framework that provides a flexible combination of security compliance and operational automation.
The goal of the project is to provide a complete management environment focused on compliance with the various profiles in the SCAP Security Guide and industry best practice.
Though it is fully capable out of the box, the intent of SIMP is to be molded to your target environment in such a way that deviations are easily identifiable to both Operations Teams and Security Officers.
At this time, there are no commercial requirements for the use of SIMP outside of the purchase of Red Hat Enterprise Linux licenses as applicable.
This Work is provided "as is." Any express or implied warranties, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the United States Government be liable for any direct, indirect, incidental, special, exemplary or consequential damages (including, but not limited to, procurement of substitute goods or services, loss of use, data or profits, or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this Guidance, even if advised of the possibility of such damage.
The User of this Work agrees to hold harmless and indemnify the United States Government, its agents, and employees from every claim or liability (whether in tort or in contract), including attorneys' fees, court costs, and expenses, arising in direct consequence of Recipient's use of the item, including, but not limited to, claims or liabilities made for injury to or death of personnel of User or third parties, damage to or destruction of property of User or third parties, and infringement or other violations of intellectual property or technical data rights.
Nothing in this Work is intended to constitute an endorsement, explicit or implied, by the US Government of any particular manufacturer's product or service.
SIMP uses Puppet to manage and maintain the configuration of the various component systems.
Though there are many possible configurations, out of the box SIMP provides:
- Management
- Puppet Server
- PuppetDB
- MCollective
- Authentication
- OpenLDAP
- Kickstart/Update
- YUM
- DNS
- DHCP
- TFTP
Please see the SIMP Documentation for a more in-depth look at the SIMP software stack.
All materials are copyright their respective owners unless otherwise noted.
Per Section 105 of the Copyright Act of 1976, these works are not entitled to domestic copyright protection under US Federal law.
The US Government retains the right to pursue copyright protections outside of the United States.
The United States Government has unlimited rights in this software and all derivatives thereof, pursuant to the contracts under which it was developed and the License under which it falls.
Released under the Apache License, Version 2.
- Feel free to sign up for an account here to file bugs, help track issues, or vote for your favorite feature.
- We suggest using the Agile board view to see what we're currently working on.
SIMP Project HipChat => No account required for this room
- It is highly suggested that you either use a non-primary e-mail
for this or that you use an e-mail modifier such as
+simp
. - When signing up for a new account, use
simp-project
as the team name.
The SIMP Project has moved away from GerritHub and is now using native GitHub for code reviews.
- simp : A QA Board for the general community.
- simp-users : A place for users of SIMP to ask questions, get help, and be part of the community.
- simp-dev : This list is for the development community interested in extending or contributing to the platform.
- simp-announce : Announcements for new versions and security events.
- simp-security : A place to file security related issues that will only be seen by the SIMP team.
Prior to joining a mailing list, please review our Community Code of Conduct.
Please see CONTRIBUTING for information on how to contribute to this project.
Last, but not least, this is the list of all SIMP component modules as hosted under the SIMP Project.
Release RPMs are now hosted on PackageCloud.
Older RPMs can be found on BinTray.
Look for the repository that is associated with the version of SIMP that you
wish to build. The latest packages can always be found in the .X
repositories. For example, the latest 4 series packages would be found in the
4.X
repository.
Please make sure that the RPMs are properly signed with the GPG key listed below.
All officially released RPMs are signed with the SIMP Release Key
* ID: 7DA6F216 * Fingerprint: 103B 439D ADF4 AE61 FA69 98AF EE8C 77AF 7DA6 F216
The project has its own module skeleton for quickly getting up and running with the expected layout and testing framework for SIMP modules.
- pupmod-simp-acpid
- pupmod-simp-activemq
- pupmod-simp-aide
- pupmod-simp-apache
- pupmod-simp-at
- pupmod-simp-auditd
- pupmod-simp-autofs
- pupmod-simp-backuppc
- pupmod-simp-cgroups
- pupmod-simp-chkrootkit
- pupmod-simp-clamav
- pupmod-simp-compliance_markup
- pupmod-simp-cron
- pupmod-simp-dhcp
- pupmod-simp-dirtycow
- pupmod-simp-etcd
- pupmod-simp-fips
- pupmod-simp-foreman
- pupmod-simp-freeradius
- pupmod-simp-functions
- pupmod-simp-ganglia
- pupmod-simp-gdm
- pupmod-simp-gfs2
- pupmod-simp-gnome
- pupmod-simp-incron
- pupmod-simp-iptables
- pupmod-simp-issue
- pupmod-simp-jenkins
- pupmod-simp-journald
- pupmod-simp-kibana
- pupmod-simp-krb5
- pupmod-simp-libreswan
- pupmod-simp-libvirt
- pupmod-simp-localusers
- pupmod-simp-logrotate
- pupmod-simp-mcafee
- pupmod-simp-mcollective
- pupmod-simp-mozilla
- pupmod-simp-multipathd
- pupmod-simp-named
- pupmod-simp-network
- pupmod-simp-nfs
- pupmod-simp-nifi
- pupmod-simp-nscd
- pupmod-simp-ntpd
- pupmod-simp-oddjob
- pupmod-simp-openscap
- pupmod-simp-pam
- pupmod-simp-pki
- pupmod-simp-polkit
- pupmod-simp-postfix
- pupmod-simp-pupmod
- pupmod-simp-resolv
- pupmod-simp-rsync
- pupmod-simp-rsyslog
- pupmod-simp-selinux
- pupmod-simp-shinken
- pupmod-simp-simp
- pupmod-simp-simp_elasticsearch
- pupmod-simp-simp_grafana
- pupmod-simp-simp_logstash
- pupmod-simp-simp_nfs
- pupmod-simp-simp_openldap
- pupmod-simp-simp_options
- pupmod-simp-simp_rsyslog
- pupmod-simp-simpcat
- pupmod-simp-simplib
- pupmod-simp-site
- pupmod-simp-snmpd
- pupmod-simp-ssh
- pupmod-simp-sssd
- pupmod-simp-stunnel
- pupmod-simp-sudo
- pupmod-simp-sudosh
- pupmod-simp-svckill
- pupmod-simp-swap
- pupmod-simp-sysctl
- pupmod-simp-tcpwrappers
- pupmod-simp-tftpboot
- pupmod-simp-tpm
- pupmod-simp-tuned
- pupmod-simp-upstart
- pupmod-simp-useradd
- pupmod-simp-vnc
- pupmod-simp-vsftpd
- pupmod-simp-xinetd
- puppet-gpasswd
- rubygem-simp-beaker-helpers
- rubygem-simp-build-helpers
- rubygem-simp-cli
- rubygem-simp-module-repoclosure
- rubygem-simp-processgraph
- rubygem-simp-rake-helpers
- rubygem-simp-release-tools
- rubygem-simp-rspec-puppet-facts
- rubygem-simp-spec-helpers
- augeasproviders
- augeasproviders_apache
- augeasproviders_base
- augeasproviders_core
- augeasproviders_grub
- augeasproviders_mounttab
- augeasproviders_nagios
- augeasproviders_pam
- augeasproviders_postgresql
- augeasproviders_puppet
- augeasproviders_shellvar
- augeasproviders_ssh
- augeasproviders_sysctl
- mcollective-puppet_bundle-agent
- onyxpoint-learning_custom_types
- pupmod-mock-puppet_enterprise
- puppet-bundle-face
- puppet-datacat
- puppet-elasticsearch
- puppet-grafana
- puppet-haveged
- puppet-kmod
- puppet-lib-file_concat
- puppet-logstash
- puppet-memcached
- puppet-nsswitch
- puppet-timezone
- puppetlabs-apache
- puppetlabs-concat
- puppetlabs-inifile
- puppetlabs-java
- puppetlabs-java_ks
- puppetlabs-motd
- puppetlabs-mysql
- puppetlabs-postgresql
- puppetlabs-puppetdb
- puppetlabs-stdlib
- voxpupuli-yum