ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

QA fixes and rollback of audit_only logic

Browse source 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
This commit is contained in:
Frederick Witty 2026-02-11 14:54:30 -05:00
parent 11becb32c5
commit 71206432be
No known key found for this signature in database
GPG key ID: 0CFA99C02DE4D8C3
6 changed files with 9 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

4
templates/ansible_vars_goss.yml.j2
View file

@ -206,7 +206,6 @@ rhel9cis_rule_2_4_2_1: {{ rhel9cis_rule_2_4_2_1 }}
rhel9cis_rule_3_1_1: {{ rhel9cis_rule_3_1_1 }}
rhel9cis_rule_3_1_2: {{ rhel9cis_rule_3_1_2 }}
rhel9cis_rule_3_1_3: {{ rhel9cis_rule_3_1_3 }}
rhel9cis_ipv6_disable_method: {{ rhel9cis_ipv6_disable_method }}
## Network Kernel Modules
rhel9cis_rule_3_2_1: {{ rhel9cis_rule_3_2_1 }}
@ -293,7 +292,6 @@ rhel9cis_rule_5_3_3_2_4: {{ rhel9cis_rule_5_3_3_2_4 }}
rhel9cis_rule_5_3_3_2_5: {{ rhel9cis_rule_5_3_3_2_5 }}
rhel9cis_rule_5_3_3_2_6: {{ rhel9cis_rule_5_3_3_2_6 }}
rhel9cis_rule_5_3_3_2_7: {{ rhel9cis_rule_5_3_3_2_7 }}
rhel9cis_rule_5_3_3_2_8: {{ rhel9cis_rule_5_3_3_2_8 }}
# 5.3.3.3 Configure pam_pwhistory module
# This are added as part of 5.3.2.4 using jinja2 template
rhel9cis_rule_5_3_3_3_1: {{ rhel9cis_rule_5_3_3_3_1 }}
@ -532,6 +530,8 @@ rhel9cis_bluetooth_mask: {{ rhel9cis_bluetooth_mask }}
## 3.1 IPv6 requirement toggle
# This variable governs whether ipv6 is enabled or disabled.
rhel9cis_ipv6_required: {{ rhel9cis_ipv6_required }}
# rhel9cis_ipv6_disable defines the method of disabling IPv6, sysctl vs kernel
rhel9cis_ipv6_disable_method: {{ rhel9cis_ipv6_disable_method }}
# 3.3 System network parameters (host only OR host and router)
# This variable governs whether specific CIS rules