ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

update 1.3.1.6 log to grep -E

Browse source 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
This commit is contained in:
Frederick Witty 2025-06-12 15:44:03 -04:00
parent f40d17df92
commit 3a0ee6e9f8
No known key found for this signature in database
GPG key ID: D29987C25A47D813
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/section_1/cis_1.3.1.x.yml
View file

@ -106,7 +106,7 @@
warn_control_id: '1.3.1.6' warn_control_id: '1.3.1.6'
block: block:
- name: "1.3.1.6 | AUDIT | Ensure no unconfined services exist | Find the unconfined services" - name: "1.3.1.6 | AUDIT | Ensure no unconfined services exist | Find the unconfined services"
ansible.builtin.shell: ps -eZ | awk -F':'' '/unconfined_service_t/ && $NF !~ /tr|ps|egrep|bash|awk/ {print $NF}' ansible.builtin.shell: ps -eZ | grep unconfined_service_t | grep -Evw "tr|ps|egrep|bash|awk" | tr ':' ' ' | awk '{ print $NF }'
register: discovered_unconf_services register: discovered_unconf_services
failed_when: false failed_when: false
changed_when: false changed_when: false