The latest 2.6.0 version of Puppet Security Compliance Enforcement (SCE) for Linux is now available. This release adds support for Ubuntu 24.04 LTS and includes a few operational improvements aimed at making SCE easier to run and troubleshoot in day‑to‑day Puppet environments.
Below is a quick overview of what’s new.
Ubuntu 24.04 LTS support
One of the main additions in this release is support for Ubuntu 24.04 LTS. SCE for Linux now allows you to enforce the CIS benchmarks v1.0.0 on Ubuntu 24.04 systems. Both Level 1 and Level 2 CIS profiles are supported.
Operational improvements
This release also includes some changes intended to improve visibility and troubleshooting.
Logging changes
Most SCE logs are now written to the Puppet agent run log. This means you can get more insight into SCE behavior by running the Puppet agent in debug mode, rather than checking separate log locations.
Updated mount information fact
The custom fact sce_mount_info has been updated to report information about all mounted file systems, providing a more complete view of the system during enforcement.
Updated Puppet module dependencies
SCE for Linux now supports the latest versions of puppet/systemd, puppet/logrotate, and puppetlabs/augeas_core.
Resolved issues
Puppet runs no longer fail on systems where the
rsyslogpackage is not installed. This helps avoid unnecessary failures on minimal or customized Linux images.Unnecessary
PAM_POSITION_ALIASESwarning messages related to theaugeasproviders_pammodule should no longer display.
More details
For the full list of changes and additional details, see the official release notes:
https://help.puppet.com/sce/current/linux/scel_relnotes_260.htm
Top comments (0)