ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-26 15:13:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

import_tasks file added

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-09-21 15:07:52 +01:00
parent af20f70f24
commit c5ed197e03
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
19 changed files with 57 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tasks/section_1/cis_1.1.2.x.yml
View file

@ -7,7 +7,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.2.1 | PATCH | Ensure /tmp is a separate partition | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yml
vars:
warn_control_id: '1.1.2.1'
required_mount: '/tmp'

3
tasks/section_1/cis_1.1.3.x.yml
View file

@ -7,7 +7,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.3.1 | AUDIT | Ensure separate partition exists for /var | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.1.3.1'
required_mount: '/var'

3
tasks/section_1/cis_1.1.4.x.yml
View file

@ -8,7 +8,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.4.1 | AUDIT | Ensure separate partition exists for /var/tmp | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.1.4.1'
required_mount: '/var/tmp'

3
tasks/section_1/cis_1.1.5.x.yml
View file

@ -7,7 +7,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.5.1 | AUDIT | Ensure separate partition exists for /var/log | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.1.5.1'

3
tasks/section_1/cis_1.1.6.x.yml
View file

@ -7,7 +7,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.6.1 | AUDIT | Ensure separate partition exists for /var/log/audit | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.1.6.1'

3
tasks/section_1/cis_1.1.7.x.yml
View file

@ -7,7 +7,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.7.1 | AUDIT | Ensure separate partition exists for /home | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.1.7.1'

3
tasks/section_1/cis_1.1.8.x.yml
View file

@ -15,7 +15,8 @@
msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
- name: "1.1.8.1 | AUDIT | Ensure separate partition exists for /home | Present"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
when: rhel9cis_1_8_1_1_mount_check.rc == 1
vars:

3
tasks/section_1/cis_1.2.x.yml
View file

@ -73,7 +73,8 @@
- "{{ dnf_configured.stdout_lines }}"
- name: "1.2.3 | AUDIT | Ensure package manager repositories are configured | Warn Count"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
vars:
warn_control_id: '1.2.3'
when:

3
tasks/section_1/cis_1.6.1.x.yml
View file

@ -93,7 +93,8 @@
when: rhelcis_1_6_1_6_unconf_services.stdout | length > 0
- name: "1.6.1.6 | AUDIT | Ensure no unconfined services exist | warning count"
ansible.builtin.import_tasks: warning_facts.yml
ansible.builtin.import_tasks:
file: warning_facts.yaml
when: rhelcis_1_6_1_6_unconf_services.stdout | length > 0
vars:
warn_control_id: '1.6.1.6'