ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-26 23:13:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Added further aide variable

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-12-10 17:28:49 +00:00
parent a3f8d4fe1f
commit bab28dda45
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
2 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tasks/section_6/cis_6.1.x.yml
View file

@ -11,14 +11,10 @@
- patch - patch
- rule_6.1.1 - rule_6.1.1
- NIST800-53R5_AU-2 - NIST800-53R5_AU-2
block:
block: block:
- name: "6.1.1 | PATCH | Ensure AIDE is installed" - name: "6.1.1 | PATCH | Ensure AIDE is installed"
when:
- "'aide' not in ansible_facts.packages or
'aide-common' not in ansible_facts.packages"
ansible.builtin.package: ansible.builtin.package:
name: ['aide', 'aide-common'] name: "{{ aide_packages }}"
state: present state: present
update_cache: true update_cache: true
register: discovered_aide_pkg_added register: discovered_aide_pkg_added

6
vars/main.yml
View file

@ -45,8 +45,12 @@ container_vars_file: is_container.yml
# system_is_ec2 toggle will disable tasks that fail on Amazon EC2 instances. Set true to skip and false to run tasks # system_is_ec2 toggle will disable tasks that fail on Amazon EC2 instances. Set true to skip and false to run tasks
system_is_ec2: false system_is_ec2: false
# Aide Packages
aide_packages:
- aide
# Aide initiate command for new DB creation # Aide initiate command for new DB creation
aide_initiate_command: aideinit -y -f aide_initiate_command: /usr/sbin/aide --init
# Audit vars # Audit vars
audit_bins: audit_bins: