ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 14:27:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #437 from defnotyujine/fix-5.3.3.2.7

Browse source 
Updated Jinja template to fix compliance issues for control 5.3.3.2.7
This commit is contained in:
uk-bolly 2026-03-18 17:45:13 +00:00 committed by GitHub
commit 871c75d09e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
defaults/main.yml
View file

@ -1104,7 +1104,7 @@ rhel9cis_passwd_dictcheck_file: etc/security/pwquality.conf.d/50-pwdictcheck.con
rhel9cis_passwd_dictcheck_value: 1
# 5.3.3.2.7 - Ensure password quality is enforced for the root user
rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwquality_enforce.conf # pragma: allowlist secret
rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwroot.conf # pragma: allowlist secret
rhel9cis_passwd_quality_enforce_value: 1
rhel9cis_passwd_quality_enforce_root_value: enforce_for_root # pragma: allowlist secret

2
tasks/section_5/cis_5.3.3.2.x.yml
View file

@ -340,7 +340,7 @@
- system
notify: Authselect update
- name: "5.3.3.2.7 | PATCH | Ensure password quality checking is enforced"
- name: "5.3.3.2.7 | PATCH | Ensure password quality is enforced for the root user"
when: rhel9cis_rule_5_3_3_2_7
tags:
- level1-server