From d2684c1e9d060229d0ce01d352edea41291396dd Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Mon, 20 Jun 2022 17:05:23 +0100 Subject: [PATCH] auditd, sysctl vars goss version update Signed-off-by: Mark Bolwell --- defaults/main.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 6dfa404..2a5a490 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -460,6 +460,11 @@ rhel9cis_tftp_client: false ## Section3 vars +## Sysctl +sysctl_update: false +flush_ipv4_route: false +flush_ipv6_route: false + ### Firewall Service - either firewalld, iptables, or nftables #### Some control allow for services to be removed or masked #### The options are under each heading @@ -498,6 +503,9 @@ rhel9cis_audit_back_log_limit: 8192 # The max_log_file parameter should be based on your sites policy rhel9cis_max_log_file_size: 10 +### 4.1.3.x audit template +update_audit_template: false + ## Preferred method of logging ## Whether rsyslog or journald preferred method for local logging ## Affects rsyslog cis 4.2.1.3 and journald cis 4.2.2.5 @@ -633,8 +641,8 @@ audit_run_script_environment: ### Goss binary settings ### goss_version: - release: v0.3.16 - checksum: 'sha256:827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb' + release: v0.3.18 + checksum: 'sha256:432308ebca0caf8165d45bd27e3262126aad9d15572ac8cb3149b3c91f75aace' audit_bin_path: /usr/local/bin/ audit_bin: "{{ audit_bin_path }}goss" audit_format: json
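Review bot: The new defaults `sysctl_update`, `flush_ipv4_route` and `flush_ipv6_route` in the first hunk, and `update_audit_template` in the second, drop the `rhel9cis_` prefix that the neighbouring variables (`rhel9cis_tftp_client`, `rhel9cis_max_log_file_size`) carry. Ansible variables share one namespace per host and role defaults have the lowest precedence, so a generic name like `sysctl_update` can be shadowed by inventory or another role, which would silently change whether the hardening steps that read it run. Prefixed names such as `rhel9cis_sysctl_update: false` would avoid that. The `## Sysctl` heading also does not say what the flags control; if they are internal change markers set by the role's own tasks (the tasks that read them are not in this patch), a comment such as `# Internal change flags set by the role; not intended to be overridden` would stop users from treating them as tunables.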
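Review bot: The updated `checksum` under `goss_version` in the third hunk is the only integrity anchor for the downloaded audit binary, but nothing next to it records which release artifact it belongs to or where the value came from. A sha256 is specific to one build (presumably the linux-amd64 binary; the download task is not in this patch), so another architecture, or a later bump of `release` alone, would either fail or tempt someone into dropping the check. A comment above the pair would cover this, for example `# checksum is for the <ARTIFACT_NAME> asset of this release, copied from the upstream-published sha256 file; update both values together`.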