ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

lint updates

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-01-23 13:58:50 +00:00
parent deb509c873
commit 5bcb791647
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
3 changed files with 8 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tasks/section_1/cis_1.1.3.x.yml
View file

@ -39,7 +39,7 @@
when:
- item.mount == "/var"
- rhel9cis_rule_1_1_3_2 or
rhel9cis_rule_1_1_3_3
rhel9cis_rule_1_1_3_3
tags:
- level1-server
- level1-workstation
@ -48,4 +48,3 @@
- skip_ansible_lint
- rule_1.1.3.2
- rule_1.1.3.3

12
tasks/section_1/cis_1.2.x.yml
View file

@ -90,9 +90,9 @@
block:
- name: "1.2.4 | PATCH | Ensure repo_gpgcheck is globally activated | dnf.conf"
ansible.builtin.lineinfile:
path: /etc/dnf/dnf.conf
regexp: '^repo_gpgcheck'
line: repo_gpgcheck=1
path: /etc/dnf/dnf.conf
regexp: '^repo_gpgcheck'
line: repo_gpgcheck=1
- name: "1.2.4 | AUDIT| Ensure repo_gpgcheck is globally activated | get repo files"
ansible.builtin.find:
@ -102,9 +102,9 @@
- name: "1.2.4 | PATCH | Ensure repo_gpgcheck is globally activated | amend repo files"
ansible.builtin.replace:
path: "{{ item.path }}"
regexp: '^repo_gpgcheck( |)=( |)0'
replace: repo_gpgcheck=1
path: "{{ item.path }}"
regexp: '^repo_gpgcheck( |)=( |)0'
replace: repo_gpgcheck=1
loop: "{{ repo_files.files }}"
loop_control:
label: "{{ item.path }}"