Merge branch 'devel' into improvements

tasks/main.yml

@@ -3,8 +3,8 @@
 
 - name: Check OS version and family
   assert:
-      that: (ansible_os_family == 'RedHat' or ansible_os_family == "Rocky") and ansible_distribution_major_version is version_compare('8', '==')
-      fail_msg: "This role can only be run against RHEL8 family OSs. {{ ansible_distribution }} {{ ansible_distribution_major_version }} is not supported."
+      that: (ansible_distribution != 'CentOS' and ansible_os_family == 'RedHat' or ansible_os_family == "Rocky") and ansible_distribution_major_version is version_compare('8', '==')
+      fail_msg: "This role can only be run against Supported OSs. {{ ansible_distribution }} {{ ansible_distribution_major_version }} is not supported."
       success_msg: "This role is running against a supported OS {{ ansible_distribution }} {{ ansible_distribution_major_version }}"
   when: 
     - os_check
@@ -113,6 +113,7 @@
   tags:
   - rule_5.5.2
   - rule_6.2.7
+  - rule_6.2.8
   - rule_6.2.20
   - rhel9cis_section6
 

tasks/post.yml

@@ -69,4 +69,4 @@
 - name: Reboot host
   reboot:
   when:
-  - not rhel9cis_skip_reboot
+  - not skip_reboot

tasks/section_3/cis_3.4.2.x.yml

@@ -17,7 +17,6 @@
 - name: "3.4.2.2 | L1 | PATCH | Ensure iptables is not enabled with firewalld"
   systemd:
       name: iptables
-      enabled: false
       masked: true
   when:
       - rhel9cis_firewall == "firewalld"

tasks/section_5/cis_5.5.x.yml

@@ -28,7 +28,7 @@
             - item.id != "shutdown"
             - item.id != "sync"
             - item.id != "root"
-            - item.uid < 1000
+            - min_int_uid | int >= item.uid
             - item.shell != "      /bin/false"
             - item.shell != "      /usr/sbin/nologin"
   when:

tasks/section_6/cis_6.2.x.yml

@@ -207,7 +207,7 @@
   loop_control:
       label: "{{ rhel9cis_passwd_label }}"
   when:
-      - item.uid >= min_int_uid
+      - min_int_uid | int >= item.uid
       - rhel9cis_rule_6_2_8
   tags:
       - skip_ansible_lint  # settings found on 6_2_7