Change Log for RHEL5 Desktop USGCB Puppet Modules
  
July 2011 Beta Release
Updates include:
  - fixed the modprobe module so that its behavior is idempotent (no
    longer adds lines on each run)
  - updated the modprobe module to keep the disabled module list in
    /etc/modprobe.d/usgcb-blacklist instead of /etc/modprobe.conf
  - changed the method by which the ipv6 module is disabled in order to
    allow the module to be loaded (and satisfy some dependencies)
  - altered the rsyslog.conf.erb template to more closely align with the
    newer system default and the kickstart, and ensure local logging occurs
  - added a setting to /etc/default/useradd to automatically deactivate
    local accounts 30 days after their passwords expire
  - changed group ownership of /etc/ntp.conf to match what the RPM
    database expects
  - added unlock_time=900 to pam_tally2 settings to help prevent denials
    of service
  - transitioned to sed statements (from template) for /etc/libuser.conf
    modifications
  - transitioned to augeas (from sed statements) for /etc/login.defs settings

March 2011 Beta Release
Updates include:
  - added new pam lines, including pam_tally2.so, and corrected existing
    pam modifications
  - changed sshd timeout from 5 minutes to 15
  - corrected sysctl setting to set
    net.ipv4.icmp_ignore_bogus_error_responses, not
    net.ipv4.icmp_ignore_bogus_error_messages
  - updated comments and corrected missing descriptions and other
    information in each module's manifest file, standardized formatting
    to make each module more consistent (creating a more professional
    appearance), added function documentation where appropriate
  - greatly simplified iptables module
  - updated puppet modules to work with puppet 2.6, and eliminated
    obsolete augeas::basic-change function
  - added some test conditions to prevent certain functions or augeas
    settings from getting applied unnecessarily
  - fixed duplicate line for cups in services