ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Initial

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-01-07 09:06:18 +00:00
commit a54b5216eb
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
87 changed files with 7693 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

46
tasks/audit_homedirperms.yml Normal file
View file

@ -0,0 +1,46 @@
---
- name: "SCORED | 6.2.8 | PATCH | Ensure users' home directories permissions are 750 or more restrictive"
find:
paths:
- "{{ homedir }}"
recurse: true
file_type: any
register: rhel_09_6_2_8_results
when:
- rhel9cis_rule_6_2_8|bool
tags:
- level1
- patch
- rule_6.2.8
- name: "SCORED | 6.2.8 | PATCH | Ensure users' home directories permissions are 750 or more restrictive"
file:
path: "{{ line_item.path }}"
mode: 0640
loop: "{{ rhel_09_6_2_8_results.files }}"
loop_control:
label: "{{ line_item.path }}"
loop_var: line_item
when:
- rhel_09_6_2_8_results.files.isreg is defined
- rhel9cis_rule_6_2_8|bool
tags:
- level1
- patch
- rule_6.2.8
- name: "SCORED | 6.2.8 | PATCH | Ensure users' home directories permissions are 750 or more restrictive"
file:
path: "{{ line_item.path }}"
mode: 0750
loop: "{{ rhel_09_6_2_8_results.files }}"
loop_control:
label: "{{ line_item.path }}"
loop_var: line_item
when:
- rhel_09_6_2_8_results.files.isdir is defined
- rhel9cis_rule_6_2_8|bool
tags:
- level1
- patch
- rule_6.2.8