ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 14:23:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

pam vars

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-04-04 19:31:02 +01:00
parent 223254b5c9
commit 3d5fd41ed8
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
1 changed files with 9 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

14
defaults/main.yml
View file

@ -583,6 +583,7 @@ rhel9cis_authselect_custom_profile_create: false
# 5.3.2 Enable automation to select custom profile options, using the settings above
rhel9cis_authselect_custom_profile_select: false
rhel9cis_pass:
max_days: 365
min_days: 7
@ -591,14 +592,17 @@ rhel9cis_pass:
rhel9cis_syslog: rsyslog
rhel9cis_rsyslog_ansiblemanaged: true
# 5.5.1
## PAM
rhel9cis_pam_password:
minlen: "14"
minclass: "4"
rhel9cis_pam_password: |
minlen = 14
minclass = 4
rhel9cis_pam_faillock:
remember: 5
# UID settings for interactive users
# These are discovered via logins.def is set true
# These are discovered via logins.def if set true
discover_int_uid: false
min_int_uid: 1000
max_int_uid: 65533