mirror of
https://github.com/ansible-lockdown/RHEL9-CIS.git
synced 2025-12-24 14:23:05 +00:00
updates var naming
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell
parent
c451f15546
commit
7374c37510
2 changed files with 24 additions and 24 deletions
|
|
@ -453,15 +453,15 @@ rhel9cis_is_mail_server: false
|
|||
# Note the options
|
||||
# Packages are used for client services and Server- only remove if you dont use the client service
|
||||
#
|
||||
rhel9cis_use_nfs:
|
||||
- service: false
|
||||
- server: false
|
||||
rhel9_use_rpc:
|
||||
- service: false
|
||||
- server: false
|
||||
rhel9cis_use_rsync:
|
||||
- service: false
|
||||
- server: false
|
||||
|
||||
rhel9cis_use_nfs_server: false
|
||||
rhel9cis_use_nfs_service: false
|
||||
|
||||
rhel9cis_use_rpc_server: false
|
||||
rhel9cis_use_rpc_service: false
|
||||
|
||||
rhel9cis_use_rsync_server: false
|
||||
rhel9cis_use_rsync_service: false
|
||||
|
||||
#### 2.3 Service clients
|
||||
rhel9cis_ypbind_required: false
|
||||
|
|
@ -592,9 +592,9 @@ rhel9cis_rsyslog_ansiblemanaged: true
|
|||
|
||||
# 5.5.1
|
||||
## PAM
|
||||
rhel9cis_pam_password: |
|
||||
minlen = 14
|
||||
minclass = 4
|
||||
rhel9cis_pam_password:
|
||||
minlen: 14
|
||||
minclass: 4
|
||||
|
||||
rhel9cis_pam_faillock:
|
||||
remember: 5
|
||||
|
|
|
|||
|
|
@ -310,8 +310,8 @@
|
|||
name: nfs-utils
|
||||
state: absent
|
||||
when:
|
||||
- not rhel9cis_use_nfs.server
|
||||
- not rhel9cis_use_nfs.service
|
||||
- not rhel9cis_use_nfs_server
|
||||
- not rhel9cis_use_nfs_service
|
||||
|
||||
- name: "2.2.18 | PATCH | Ensure nfs-utils is not installed or the nfs-server service is masked | mask service"
|
||||
systemd:
|
||||
|
|
@ -319,8 +319,8 @@
|
|||
masked: true
|
||||
state: stopped
|
||||
when:
|
||||
- not rhel9cis_use_nfs.server
|
||||
- rhel9cis_use_nfs.service
|
||||
- not rhel9cis_use_nfs_server
|
||||
- rhel9cis_use_nfs_service
|
||||
when:
|
||||
- "'nfs-utils' in ansible_facts.packages"
|
||||
- rhel9cis_rule_2_2_18
|
||||
|
|
@ -342,8 +342,8 @@
|
|||
name: rpcbind
|
||||
state: absent
|
||||
when:
|
||||
- not rhel9cis_use_rpc.server
|
||||
- not rhel9cis_use_rpc.service
|
||||
- not rhel9cis_use_rpc_server
|
||||
- not rhel9cis_use_rpc_service
|
||||
|
||||
- name: "2.2.19 | PATCH | Ensure rpcbind is not installed or the rpcbind services are masked | mask service"
|
||||
systemd:
|
||||
|
|
@ -351,8 +351,8 @@
|
|||
masked: true
|
||||
state: stopped
|
||||
when:
|
||||
- rhel9cis_use_rpc.server
|
||||
- not rhel9cis_use_rpc.service
|
||||
- rhel9cis_use_rpc_server
|
||||
- not rhel9cis_use_rpc_service
|
||||
when:
|
||||
- "'rpcbind' in ansible_facts.packages"
|
||||
- rhel9cis_rule_2_2_19
|
||||
|
|
@ -373,8 +373,8 @@
|
|||
name: rsync
|
||||
state: absent
|
||||
when:
|
||||
- not rhel9cis_use_rsync.server
|
||||
- not rhel9cis_use_rsync.service
|
||||
- not rhel9cis_use_rsync_server
|
||||
- not rhel9cis_use_rsync_service
|
||||
|
||||
- name: "2.2.20 | PATCH | Ensure rsync service is not enabled | mask service"
|
||||
systemd:
|
||||
|
|
@ -382,8 +382,8 @@
|
|||
masked: true
|
||||
state: stopped
|
||||
when:
|
||||
- rhel9cis_use_rsync.server
|
||||
- not rhel9cis_use_rsync.service
|
||||
- rhel9cis_use_rsync_server
|
||||
- not rhel9cis_use_rsync_service
|
||||
when:
|
||||
- "'rsync' in ansible_facts.packages"
|
||||
- rhel9cis_rule_2_2_20
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue