ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 23:43:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'devel' into bug_4112

Browse source 
Signed-off-by: John Foster <robopickle@proton.me>
This commit is contained in:
John Foster 2024-03-08 08:51:09 +00:00
commit dcf8f0bf11
No known key found for this signature in database
GPG key ID: F907E4A9B3537F1B
13 changed files with 95 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_4/cis_4.1.3.x.yml
View file

@ -99,7 +99,7 @@
- level2-workstation
- patch
- auditd
- rule_4.1.3_7
- rule_4.1.3.7
# All changes selected are managed by the POST audit and handlers to update
- name: "4.1.3.8 | PATCH | Ensure events that modify user/group information are collected"
@ -268,7 +268,7 @@
- level2-workstation
- patch
- auditd
- rule_4.1.20
- rule_4.1.3.20
- name: "4.1.3.21 | AUDIT | Ensure the running and on disk configuration is the same"
ansible.builtin.debug:

2
tasks/section_4/cis_4.1.4.x.yml
View file

@ -65,7 +65,7 @@
ansible.builtin.file:
path: "{{ item.path }}"
mode: "{{ '0600' if item.mode == '0600' else '0640' }}"
loop: "{{ auditd_conf_files.files | default([]) }}"
loop: "{{ auditd_conf_files.files }}"
loop_control:
label: "{{ item.path }}"
when: