ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 14:27:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #31 from ansible-lockdown/JUNE2025QA

Browse source 
June 2025 QA: Replace egrep to grep
This commit is contained in:
Fred W. 2025-06-23 08:36:55 -04:00 committed by GitHub
commit 0efd92e2a3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 18 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

8
handlers/main.yml
View file

@ -150,7 +150,7 @@
ansible.posix.mount:
path: "{{ mount_point }}"
state: remounted
notify: Change_requires_reboot
notify: Set reboot required
listen: "Remount /boot/efi"
- name: Reload sysctl
@ -194,7 +194,7 @@
ansible.builtin.command: update-crypto-policies --set "{{ rhel9cis_full_crypto_policy }}"
changed_when: true
notify:
- Change_requires_reboot
- Set reboot required
- Restart sshd
- name: Restart firewalld
@ -255,7 +255,7 @@
when: discovered_auditd_immutable_check.stdout == '1'
ansible.builtin.debug:
msg: "Reboot required for auditd to apply new rules as immutable set"
notify: Change_requires_reboot
notify: Set reboot required
- name: Stop auditd process
ansible.builtin.command: systemctl kill auditd
@ -268,6 +268,6 @@
state: started
listen: Restart auditd
- name: Change_requires_reboot
- name: Set reboot required
ansible.builtin.set_fact:
change_requires_reboot: true