Version 2.6.0

Released 17 March 2026

This release introduces support for the Ubuntu Linux 24.04 operating system, updates Puppet module dependencies, and improves reporting of mount points. The release also resolves minor issues to improve the reliability of Puppet runs.

New features and enhancements

  • Support for Ubuntu 24.04. You can use SCE to enforce the Center for Internet Security (CIS) Benchmark for Ubuntu Linux 24.04, v1.0.0, Server Levels 1 and 2.

  • Support for Puppet module dependencies. To take advantage of fixes and improvements in Puppet modules, SCE for Linux now supports the latest versions of the following Puppet module dependencies:
    puppet/systemd: >= 3.5.0 < 10.0.0
    puppet/logrotate: >= 5.0.0 < 10.0.0
    puppetlabs/augeas_core: >= 1.1.1 < 3.0.0

  • SCE-specific information in logs. SCE now sends most of its logs to the Puppet agent run log, instead of the puppetserver.log file on the Puppet primary server. Because of this update, users can now run the Puppet agent in debug mode and get more SCE-specific information in the run log.

  • Additional information about mount points. The custom fact sce_mount_info is updated to provide insight into all mounted file systems. Previously, the fact covered only file systems that were listed in the /etc/fstab configuration file. As in previous releases, you can use SCE to manage USB drives. However, SCE now issues an informational message if a USB drive is detected but not listed in fstab.

In addition to sce_mount_info, which was developed as a custom fact primarily for SCE internal use, the built-in mountpoints fact remains available and provides more comprehensive mount-point information.

Resolved issues

  • Puppet run failures related to auditd. Previously, SCE for Linux users experienced Puppet run failures in environments where the rsyslog package was not installed. The issue occurred because the auditd service processed an audit_files list that erroneously included rsyslogd. The rsyslogd entry was removed to resolve the issue.

  • Warning message when using the augeasproviders_pam module. Previously, users of the augeasproviders_pam module saw the following message when running Puppet:
    warning: already initialized constant PAM_POSITION_ALIASES
    The issue is resolved, and the warning is no longer displayed.

  • Issue with STIG control V-258189. On the Red Hat Enterprise Linux (RHEL) 9 operating system, STIG control V-258189 failed to audit all uses of the delete_module system call. A typo was fixed to resolve the issue.