issue #224 addressed thanks to @globalpayments-shoebsyed

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-12-24 22:23:06 +00:00 · 2024-08-09 17:21:36 +01:00 · 2024-08-09 17:21:36 +01:00 · 82119205b1
commit 82119205b1
parent 44aa939e13
2 changed files with 8 additions and 0 deletions
--- a/tasks/section_4/cis_4.1.4.x.yml
+++ b/tasks/section_4/cis_4.1.4.x.yml
@ -65,6 +65,8 @@
  ansible.builtin.file:
      path: "{{ item.path }}"
      mode: 'u-x,g-wx,u-rwx'
+  failed_when: rhel9cis_4_1_4_5_file_list.state not in '[ file, absent ]'
+  register: rhel9cis_4_1_4_5_file_list
  loop: "{{ auditd_conf_files.files }}"
  loop_control:
      label: "{{ item.path }}"
@ -81,6 +83,8 @@
  ansible.builtin.file:
      path: "{{ item.path }}"
      owner: root
+  failed_when: rhel9cis_4_1_4_6_file_list.state not in '[ file, absent ]'
+  register: rhel9cis_4_1_4_6_file_list
  loop: "{{ auditd_conf_files.files | default([]) }}"
  loop_control:
      label: "{{ item.path }}"
@ -97,6 +101,8 @@
  ansible.builtin.file:
      path: "{{ item.path }}"
      group: root
+  failed_when: rhel9cis_4_1_4_7_file_list.state not in '[ file, absent ]'
+  register: rhel9cis_4_1_4_7_file_list
  loop: "{{ auditd_conf_files.files | default([]) }}"
  loop_control:
      label: "{{ item.path }}"
--- a/tasks/section_4/cis_4.2.3.yml
+++ b/tasks/section_4/cis_4.2.3.yml
@ -14,6 +14,8 @@
        ansible.builtin.file:
            path: "{{ item.path }}"
            mode: "{{ '0600' if item.mode == '0600' else '0640' }}"
+        failed_when: rhel9cis_4_2_3_file_list.state not in '[ file, absent ]'
+        register: rhel9cis_4_2_3_file_list
        loop: "{{ logfiles.files }}"
        loop_control:
            label: "{{ item.path }}"