ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-05-10 07:33:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Apply container guards and skips for CIS hardening

Browse source 
Signed-off-by: DayneD89 <dayned89@gmail.com>
This commit is contained in:
DayneD89 2026-04-30 14:48:38 -05:00
parent c7ed4de9a8
commit 5ab951145c
No known key found for this signature in database
GPG key ID: 53DEA2240A4E3A67
10 changed files with 113 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

12
tasks/section_6/cis_6.3.1.x.yml
View file

@ -26,7 +26,9 @@
state: present
- name: "6.3.1.2 | PATCH | Ensure auditing for processes that start prior to auditd is enabled"
when: rhel9cis_rule_6_3_1_2
when:
- rhel9cis_rule_6_3_1_2
- not system_is_container
tags:
- level2-server
- level2-workstation
@ -51,7 +53,9 @@
changed_when: true
- name: "6.3.1.3 | PATCH | Ensure audit_backlog_limit is sufficient"
when: rhel9cis_rule_6_3_1_3
when:
- rhel9cis_rule_6_3_1_3
- not system_is_container
tags:
- level2-server
- level2-workstation
@ -91,7 +95,9 @@
changed_when: true
- name: "6.3.1.4 | PATCH | Ensure auditd service is enabled and active"
when: rhel9cis_rule_6_3_1_4
when:
- rhel9cis_rule_6_3_1_4
- not system_is_container
tags:
- level2-server
- level2-workstation