ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

PR - #198 addressed thanks to @brakkio86

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-04-09 16:29:49 +01:00
parent f3ec4bd2bf
commit 7c53c0d96e
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
1 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
tasks/section_1/cis_1.3.x.yml
View file

@ -59,12 +59,12 @@
path: /etc/aide.conf path: /etc/aide.conf
marker: "# {mark} Audit tools - CIS benchmark - Ansible-lockdown" marker: "# {mark} Audit tools - CIS benchmark - Ansible-lockdown"
block: | block: |
/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512
/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512
/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512
/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512
/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512
/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512
validate: aide -D --config %s validate: aide -D --config %s
when: when:
- rhel9cis_rule_1_3_3 - rhel9cis_rule_1_3_3