ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Interactive user discovery improve thanks to @polski-g

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2025-05-23 15:53:03 +01:00
parent 4357f132a9
commit cc48a0d0b5
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
5 changed files with 19 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_5/cis_5.4.2.x.yml
View file

@ -195,7 +195,7 @@
- name: "5.4.2.7 | PATCH | Ensure system accounts do not have a valid login shell"
when:
- rhel9cis_rule_5_4_2_7
- "item.id not in prelim_interactive_usernames.stdout"
- "item.id not in prelim_interactive_usernames | map(attribute='username')"
- item.id not in rhel9cis_system_users_shell
- "'root' not in item.id"
- rhel9cis_disruption_high
@ -220,7 +220,7 @@
when:
- rhel9cis_rule_5_4_2_8
- rhel9cis_disruption_high
- "item.id not in prelim_interactive_usernames.stdout"
- "item.id not in prelim_interactive_usernames | map(attribute='username')"
- "'root' not in item.id"
tags:
- level1-server