ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

new control option due to space on auditing

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-07-25 14:53:05 +01:00
parent 595b952089
commit d3f2677fd5
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
2 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
tasks/auditd.yml
View file

@ -8,6 +8,17 @@
register: audit_rules_updated
notify: restart auditd
- name: POST | Set up auditd user logging exceptions
template:
src: audit/98_auditd_exception.rules.j2
dest: /etc/audit/rules.d/98_auditd_exceptions.rules
owner: root
group: root
mode: 0600
notify: restart auditd
when: allow_auditd_uid_user_exclusions
- name: POST | AUDITD | Discover if auditd immutable - Set reboot required if auditd immutable
block:
- name: POST | AUDITD | Discover if auditd immutable - will require reboot if auditd template applied