ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 14:27:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

QA Fixes

Browse source 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
This commit is contained in:
Frederick Witty 2026-02-10 16:01:05 -05:00
parent 2863be6c02
commit 11becb32c5
No known key found for this signature in database
GPG key ID: 0CFA99C02DE4D8C3
17 changed files with 132 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

1
vars/is_container.yml
View file

@ -57,7 +57,6 @@ rhel9cis_rule_1_1_6: false
rhel9cis_rule_1_1_7: false
rhel9cis_rule_1_1_8: false
rhel9cis_rule_1_1_9: false
rhel9cis_rule_1_1_10: false
# /var/log
rhel9cis_rule_1_1_11: false
# /var/log/audit

4
vars/main.yml
View file

@ -41,7 +41,7 @@ gpg_key_package: "{{ ansible_facts.distribution | lower }}-gpg-keys"
## Controls 6.3.3.x - Audit template
# This variable is set to true by tasks 6.3.3.1 to 6.3.3.20. As a result, the
# audit settings are overwritten with the role's template. In order to exclude
# specific rules, you must set the variable of form `ubtu24cis_rule_6_3_3_x` above
# specific rules, you must set the variable of form `rhel9cis_rule_6_3_3_x` above
# to `false`.
update_audit_template: false
@ -52,7 +52,7 @@ update_audit_template: false
# system_is_container the true. Otherwise, the default value
# 'false' is left unchanged.
system_is_container: false
# The filename of the existing yml file in role's 'vars/' sub-directory
# The filename of the existing yml file in role's 'vars/' sub-directory
# to be used for managing the role-behavior when a container was detected:
# (de)activating rules or for other tasks(e.g. disabling Selinux or a specific
# firewall-type).