Revert "Merge 'devel' of kris9854/RHEL9-CIS-fix into devel"

This reverts commit d4471a3016, reversing
changes made to d6ca36a91f.

templates/ansible_vars_goss.yml.j2

@@ -1,5 +1,3 @@
-
-## This file is managed by Ansible, YOUR CHANGED WILL BE LOST!
 ## metadata for benchmark
 
 ## metadata for Audit benchmark
@@ -159,7 +157,6 @@ rhel9cis_rule_2_3_2: {{ rhel9cis_rule_2_3_2 }}
 rhel9cis_rule_2_3_3: {{ rhel9cis_rule_2_3_3 }}
 rhel9cis_rule_2_3_4: {{ rhel9cis_rule_2_3_4 }}
 rhel9cis_rule_2_3_5: {{ rhel9cis_rule_2_3_5 }}
-rhel9cis_rule_2_3_6: {{ rhel9cis_rule_2_3_6 }}
 
 rhel9cis_rule_2_4: true # todo
 
@@ -277,7 +274,6 @@ rhel9cis_rule_5_1_5: {{ rhel9cis_rule_5_1_5 }}
 rhel9cis_rule_5_1_6: {{ rhel9cis_rule_5_1_6 }}
 rhel9cis_rule_5_1_7: {{ rhel9cis_rule_5_1_7 }}
 rhel9cis_rule_5_1_8: {{ rhel9cis_rule_5_1_8 }}
-rhel9cis_rule_5_1_9: {{ rhel9cis_rule_5_1_9 }}
 
 # 5.2 Configure SSH Server
 rhel9cis_rule_5_2_1: {{ rhel9cis_rule_5_2_1 }}
@@ -496,4 +492,4 @@ rhel9cis_pass:
 rhel9cis_sugroup: {% if rhel9cis_sugroup is undefined %}wheel{% else %}{{ rhel9cis_sugroup }}{% endif %}
 
 ## 5.3.7 sugroup users list
-rhel9cis_sugroup_users: {{ rhel9cis_sugroup_users }}
+rhel9cis_sugroup_users: {{ rhel9cis_sugroup_users }}

templates/audit/98_auditd_exception.rules.j2

@@ -1,8 +0,0 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
-
-# This file contains users whose actions are not logged by auditd
-{% if allow_auditd_uid_user_exclusions %} 
-{% for user in rhel9cis_auditd_uid_exclude %}
--a never,user -F uid!={{ user }} -F auid!={{ user }}
-{% endfor %}
-{% endif %}

templates/audit/99_auditd.rules.j2

@@ -1,5 +1,3 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
-
 # This template will set all of the auditd configurations via a handler in the role in one task instead of individually
 {% if rhel9cis_rule_4_1_3_1 %}
 -w /etc/sudoers -p wa -k scope

templates/etc/chrony.conf.j2

@@ -1,5 +1,3 @@
-## This file is managed by Ansible, YOUR CHANGED WILL BE LOST!
-
 # This the default chrony.conf file for the Debian chrony package.  After
 # editing this file use the command 'invoke-rc.d chrony restart' to make
 # your changes take effect.  John Hasler <jhasler@debian.org> 1998-2008

templates/etc/cron.d/aide.cron.j2

@@ -1,5 +1,5 @@
 # Run AIDE integrity check 
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
+# added via ansible-lockdown remediation 
 # CIS 1.3.2
 
 {{ rhel9cis_aide_cron['aide_minute'] }} {{ rhel9cis_aide_cron['aide_hour'] }} {{ rhel9cis_aide_cron['aide_month'] }} {{ rhel9cis_aide_cron['aide_weekday'] }} {{ rhel9cis_aide_cron['aide_job'] }}

templates/etc/modprobe.d/modprobe.conf.j2

@@ -1,6 +1,5 @@
 # Disable usage of protocol {{ item }}
 # Set by ansible {{ benchmark }} remediation role
 # https://github.com/ansible-lockdown
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
 
-install {{ item }} /bin/true
+install {{ item }} /bin/true

templates/etc/sysctl.d/60-disable_ipv6.conf.j2

@@ -1,4 +1,4 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
+# Setting added via ansible CIS remediation playbook
 
 # IPv6 disable
 {% if rhel9cis_rule_3_1_1 and rhel9cis_ipv6_required %}

templates/etc/sysctl.d/60-kernel_sysctl.conf.j2

@@ -1,4 +1,4 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
+# Setting added via ansible CIS remediation playbook
 
 
 {% if rhel9cis_rule_1_5_3 %}

templates/etc/sysctl.d/60-netipv4_sysctl.conf.j2

@@ -1,4 +1,4 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
+# Setting added via ansible CIS remediation playbook
 
 # IPv4 Network sysctl
 {% if rhel9cis_rule_3_2_1 %}

templates/etc/sysctl.d/60-netipv6_sysctl.conf.j2

@@ -1,4 +1,4 @@
-## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!
+# Setting added via ansible CIS remediation playbook
 
 # IPv6 Network sysctl
 {% if rhel9cis_ipv6_required %}

templates/etc/systemd/system/tmp.mount.j2

@@ -7,8 +7,6 @@
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
 
-## This file is managed by Ansible, YOUR CHANGED WILL BE LOST!
-
 [Unit]
 Description=Temporary Directory (/tmp)
 Documentation=man:hier(7)