ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-05-09 23:33:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

updated handlers

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2026-04-10 16:54:31 +01:00
parent 2d1ae800b3
commit 2ac71da85c
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
1 changed files with 8 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
handlers/main.yml
View file

@ -246,18 +246,21 @@
## Auditd tasks note order for handlers to run
- name: Auditd immutable check
ansible.builtin.command: grep -c "^-e 2" /etc/audit/rules.d/99_auditd.rules
changed_when: false
register: discovered_auditd_immutable_check
- name: Auditd rules reload
when: prelim_auditd_immutable_check.rc == 1 or discovered_augenrules_check.stdout is search('No change')
ansible.builtin.command: augenrules --load
changed_when: true
failed_when: discovered_augenrule_check.rc not in [ 0, 1 ]
register: discovered_augenrule_check
- name: Audit immutable fact
when: discovered_auditd_immutable_check.stdout == '1'
when: prelim_auditd_immutable_check is defined
ansible.builtin.debug:
msg: "Reboot required for auditd to apply new rules as immutable set"
notify: Set reboot required
- name: Stop auditd process
when: prelim_auditd_immutable_check is defined
ansible.builtin.command: systemctl kill auditd
changed_when: true
listen: Restart auditd