From 04324e049d455d1ca8ef4e577af9a3ed9a7ac571 Mon Sep 17 00:00:00 2001 From: Kristian Ebdrup Date: Sat, 17 Sep 2022 23:26:10 +0200 Subject: [PATCH] Gramma Fix and fix to tss and nobody user Signed-off-by: Kristian Ebdrup --- tasks/section_5/cis_5.1.x.yml | 2 +- tasks/section_5/cis_5.2.x.yml | 4 ++-- tasks/section_6/cis_6.1.x.yml | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tasks/section_5/cis_5.1.x.yml b/tasks/section_5/cis_5.1.x.yml index 734b434..6e2a56b 100644 --- a/tasks/section_5/cis_5.1.x.yml +++ b/tasks/section_5/cis_5.1.x.yml @@ -148,7 +148,7 @@ dest: /etc/at.deny state: absent - - name: "5.1.9 | PATCH | Ensure at is restricted to authorized users | Check if at.allow exists" + - name: "5.1.9 | PATCH | Ensure at is restricted to authorized users | Check if at.allow exists" stat: path: "/etc/at.allow" register: rhel9cis_5_1_9_at_allow_state diff --git a/tasks/section_5/cis_5.2.x.yml b/tasks/section_5/cis_5.2.x.yml index 7234da6..edc19e1 100644 --- a/tasks/section_5/cis_5.2.x.yml +++ b/tasks/section_5/cis_5.2.x.yml @@ -285,7 +285,7 @@ - ssh - rule_5.2.14 -- name: "5.2.15 | PATCH | Ensure SSH warning banner is configured" +- name: "5.2.15 | PATCH | Ensure SSH warning banner is configured" lineinfile: path: /etc/ssh/sshd_config regexp: '^Banner' @@ -332,7 +332,7 @@ - ssh - rule_5.2.17 -- name: "5.2.18 | PATCH | Ensure SSH MaxSessions is set to 10 or less" +- name: "5.2.18 | PATCH | Ensure SSH MaxSessions is set to 10 or less" lineinfile: path: /etc/ssh/sshd_config regexp: "^#MaxSessions|^MaxSessions" diff --git a/tasks/section_6/cis_6.1.x.yml b/tasks/section_6/cis_6.1.x.yml index c169d4b..6581e6f 100644 --- a/tasks/section_6/cis_6.1.x.yml +++ b/tasks/section_6/cis_6.1.x.yml @@ -88,7 +88,7 @@ - permissions - rule_6.1.4 -- name: "6.1.5 | PATCH | Ensure permissions on /etc/group are configured" +- name: "6.1.5 | PATCH | Ensure permissions on /etc/group are configured" file: dest: /etc/group- owner: root @@ -291,7 +291,7 @@ loop_control: label: "{{ item.mount }}" - - name: "6.1.14 | AUDIT | Audit SUID executables | Alert no SUID executables exist" + - name: "6.1.14 | AUDIT | Audit SUID executables | Alert no SUID executables exist" debug: msg: "Good news! We have not found any SUID executable files on your system" failed_when: false @@ -299,7 +299,7 @@ when: - rhel_08_6_1_14_perms_results.stdout is not defined - - name: "6.1.14 | AUDIT | Audit SUID executables | Alert SUID executables exist" + - name: "6.1.14 | AUDIT | Audit SUID executables | Alert SUID executables exist" debug: msg: "Manual intervention is required -- SUID set on items in {{ item.item.mount }}: {{ item.stout_lines | join(', ') }}" with_items: "{{ rhel_08_6_1_14_perms_results.stdout_lines }}" @@ -326,7 +326,7 @@ loop_control: label: "{{ item.mount }}" - - name: "6.1.15 | AUDIT | Audit SGID executables | Alert no SGID executables exist" + - name: "6.1.15 | AUDIT | Audit SGID executables | Alert no SGID executables exist" debug: msg: "Good news! We have not found any SGID executable files on your system" failed_when: false @@ -334,7 +334,7 @@ when: - rhel_08_6_1_15_perms_results.stdout is not defined - - name: "6.1.15 | AUDIT | Audit SGID executables | Alert SGID executables exist" + - name: "6.1.15 | AUDIT | Audit SGID executables | Alert SGID executables exist" debug: msg: "Manual intervention is required -- SGID set on items in {{ item.item.mount }}: {{ item.stout_lines | join(', ') }}" with_items: "{{ rhel_08_6_1_15_perms_results.stdout_lines }}"