PT #184 addressed thansk to @ipruteanu-sie

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-12-27 15:33:06 +00:00 · 2024-03-06 10:27:58 +00:00 · 2024-03-06 10:27:58 +00:00 · 91b272baee
commit 91b272baee
parent 112cf5ae8c
2 changed files with 0 additions and 25 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1060,10 +1060,6 @@ rhel9cis_inactivelock:
    # This variable specifies the number of days of inactivity before an account will be locked.
    # CIS requires a value of 30 days or less.
    lock_days: 30
-# This variable governs if authconfig package should be installed. This package provides a simple method of
-# configuring /etc/sysconfig/network to handle NIS, as well as /etc/passwd and /etc/shadow, the files used
-# for shadow password support. Basic LDAP, Kerberos 5, and Winbind client configuration is also provided.
-rhel9cis_use_authconfig: false

 ## Section 5.4 - Configure authselect: Custom authselect profile settings(name, profile to customize, options)
 ## Controls:
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
@ -226,27 +226,6 @@
      - level1_server
      - level1_workstation

- name: "PRELIM | Install authconfig"
-  ansible.builtin.package:
-      name: authconfig
-      state: present
-  become: true
-  when:
-      - rhel9cis_use_authconfig
-      - rhel9cis_rule_5_3_1 or
-        rhel9cis_rule_5_3_2 or
-        rhel9cis_rule_5_3_3 or
-       '"authconfig" not in ansible_facts.packages or
-       "auditd-lib" not in ansible_facts.packages'
-  tags:
-      - level1-server
-      - level1-workstation
-      - rule_5.3.1 or
-        rule_5.3.2 or
-        rule_5.3.3
-      - authconfig
-      - auditd
-
 - name: "PRELIM | 5.3.4 | Find all sudoers files."
  ansible.builtin.shell: "find /etc/sudoers /etc/sudoers.d/ -type f ! -name '*~' ! -name '*.*'"
  changed_when: false