ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

audit binaries variables

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-12-10 16:46:08 +00:00
parent 2827c752ac
commit c5278da4e5
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
1 changed files with 3 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

24
tasks/section_6/cis_6.3.4.x.yml
View file

@ -105,13 +105,7 @@
ansible.builtin.file:
path: "{{ item }}"
mode: 'go-w'
loop:
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules
loop: "{{ audit_bins }}"
- name: "6.3.4.9 | PATCH | Ensure audit tools owner is configured"
when:
@ -126,13 +120,7 @@
path: "{{ item }}"
owner: root
group: root
loop:
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules
loop: "{{ audit_bins }}"
- name: "6.3.4.10 | PATCH | Ensure audit tools group owner is configured"
when:
@ -147,10 +135,4 @@
ansible.builtin.file:
path: "{{ item }}"
group: root
loop:
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules
loop: "{{ audit_bins }}"