ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 07:23:07 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

add pkg fact and audit conditionals

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-01-19 09:35:41 +00:00
parent 21875f5790
commit 3dcaa58291
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
1 changed files with 13 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

15
tasks/post.yml
View file

@ -6,6 +6,12 @@
autoremove: true
changed_when: false
- name: Gather the package facts after remediation
package_facts:
manager: auto
tags:
- always
- name: trigger update sysctl
shell: /bin/true
args:
@ -38,8 +44,13 @@
changed_when: true
check_mode: false
when:
- "'auditd' in ansible_facts.packages"
- rhel9cis_rule_4_1_3 or
- rhel9cis_rule_4_1_1_1 or
rhel9cis_rule_4_1_1_2 or
rhel9cis_rule_4_1_1_3 or
rhel9cis_rule_4_1_2_1 or
rhel9cis_rule_4_1_2_2 or
rhel9cis_rule_4_1_2_3 or
rhel9cis_rule_4_1_3 or
rhel9cis_rule_4_1_4 or
rhel9cis_rule_4_1_5 or
rhel9cis_rule_4_1_6 or