ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-25 06:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

added legacy mount check again

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-06-21 14:16:58 +01:00
parent a8ec3e343a
commit cf6e08c390
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
1 changed files with 18 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

18
tasks/prelim.yml
View file

@ -90,6 +90,24 @@
when:
- '"python3-libselinux" not in ansible_facts.packages'
- name: "PRELIM | Set facts based on boot type"
block:
- name: "PRELIM | Check whether machine is UEFI-based"
stat:
path: /sys/firmware/efi
register: rhel_09_efi_boot
- name: "PRELIM | AUDIT | set legacy boot and grub path | Bios"
set_fact:
rhel9cis_legacy_boot: true
grub2_path: /etc/grub2.cfg
when: not rhel_09_efi_boot.stat.exists
- name: "PRELIM | set grub fact | UEFI"
set_fact:
grub2_path: /etc/grub2-efi.cfg
when: rhel_09_efi_boot.stat.exists
- name: "PRELIM | Section 4.1 | Configure System Accounting (auditd)"
package:
name: audit