Added further aide variable

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-12-24 14:23:05 +00:00 · 2024-12-10 17:28:49 +00:00 · 2024-12-10 17:28:49 +00:00 · bab28dda45
commit bab28dda45
parent a3f8d4fe1f
2 changed files with 8 additions and 8 deletions
--- a/tasks/section_6/cis_6.1.x.yml
+++ b/tasks/section_6/cis_6.1.x.yml
@ -12,13 +12,9 @@
    - rule_6.1.1
    - NIST800-53R5_AU-2
  block:
-    block:
    - name: "6.1.1 | PATCH | Ensure AIDE is installed"
-      when:
-        - "'aide' not in ansible_facts.packages or
-          'aide-common' not in ansible_facts.packages"
      ansible.builtin.package:
-        name: ['aide', 'aide-common']
+        name: "{{ aide_packages }}"
        state: present
        update_cache: true
      register: discovered_aide_pkg_added
@ -48,10 +44,10 @@
          (discovered_aide_db_age.files | length > 0) or
          rhel9cis_aide_db_recreate
      block:
-        - name: "6.1.1 | PATCH | Ensure AIDE is installed| Build AIDE DB"
+        - name: "6.1.1 | PATCH | Ensure AIDE is installed | Build AIDE DB"
          ansible.builtin.shell: "{{ aide_initiate_command }}"

-        - name: "6.1.1 | PATCH | Ensure AIDE is installed| Build AIDE DB | Wait for file before continuing"
+        - name: "6.1.1 | PATCH | Ensure AIDE is installed | Build AIDE DB | Wait for file before continuing"
          ansible.builtin.wait_for:
            path: /var/lib/aide/aide.db.new.gz

--- a/vars/main.yml
+++ b/vars/main.yml
@ -45,8 +45,12 @@ container_vars_file: is_container.yml
 # system_is_ec2 toggle will disable tasks that fail on Amazon EC2 instances. Set true to skip and false to run tasks
 system_is_ec2: false

+# Aide Packages
+
+aide_packages:
+  - aide
 # Aide initiate command for new DB creation
-aide_initiate_command: aideinit -y -f
+aide_initiate_command: /usr/sbin/aide --init

 # Audit vars
 audit_bins: