ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

fix: more readable condition and prevent skipping 0600 #173

Browse source 
Signed-off-by: rjacobs1990 <ricardojacobs20@gmail.com>
This commit is contained in:
rjacobs1990 2024-02-12 16:21:31 +01:00
parent 8652390beb
commit 742165cd72
No known key found for this signature in database
GPG key ID: EA7B6E324836CABC
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/section_4/cis_4.2.3.yml
View file

@ -13,7 +13,7 @@
- name: "4.2.3 | PATCH | Ensure permissions on all logfiles are configured | change permissions"
ansible.builtin.file:
path: "{{ item.path }}"
mode: "{{ '0640' if item.mode != '0600' else '0600' }}"
mode: "{{ '0600' if item.mode == '0600' else '0640' }}"
loop: "{{ logfiles.files }}"
loop_control:
label: "{{ item.path }}"