From e27e5276e4d9426a624ce1c01bb43f87d1dcf941 Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Wed, 6 Apr 2022 16:32:53 +0100
Subject: [PATCH] updated
Signed-off-by: Mark Bolwell
---
 templates/ansible_vars_goss.yml.j2 | 56 +++++++++++++++---------------
 1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/templates/ansible_vars_goss.yml.j2 b/templates/ansible_vars_goss.yml.j2
index 35d3aa2..e3ca224 100644
--- a/templates/ansible_vars_goss.yml.j2
+++ b/templates/ansible_vars_goss.yml.j2
@@ -99,14 +99,14 @@ rhel9cis_rule_1_5_1: {{ rhel9cis_rule_1_5_1 }}
 rhel9cis_rule_1_5_2: {{ rhel9cis_rule_1_5_2 }}
 rhel9cis_rule_1_5_3: {{ rhel9cis_rule_1_5_3 }}
 # 1.6 Mandatory Access Control
-rhel9cis_rule_1_6_1: {{ rhel9cis_rule_1_6_1 }}
-rhel9cis_rule_1_6_2: {{ rhel9cis_rule_1_6_2 }}
-rhel9cis_rule_1_6_3: {{ rhel9cis_rule_1_6_3 }}
-rhel9cis_rule_1_6_4: {{ rhel9cis_rule_1_6_4 }}
-rhel9cis_rule_1_6_5: {{ rhel9cis_rule_1_6_5 }}
-rhel9cis_rule_1_6_6: {{ rhel9cis_rule_1_6_6 }}
-rhel9cis_rule_1_6_7: {{ rhel9cis_rule_1_6_7 }}
-rhel9cis_rule_1_6_8: {{ rhel9cis_rule_1_6_8 }}
+rhel9cis_rule_1_6_1_1: {{ rhel9cis_rule_1_6_1_1 }}
+rhel9cis_rule_1_6_1_2: {{ rhel9cis_rule_1_6_1_2 }}
+rhel9cis_rule_1_6_1_3: {{ rhel9cis_rule_1_6_1_3 }}
+rhel9cis_rule_1_6_1_4: {{ rhel9cis_rule_1_6_1_4 }}
+rhel9cis_rule_1_6_1_5: {{ rhel9cis_rule_1_6_1_5 }}
+rhel9cis_rule_1_6_1_6: {{ rhel9cis_rule_1_6_1_6 }}
+rhel9cis_rule_1_6_1_7: {{ rhel9cis_rule_1_6_1_7 }}
+rhel9cis_rule_1_6_1_8: {{ rhel9cis_rule_1_6_1_8 }}
 # 1.7 Command Line Warning Banners
 rhel9cis_rule_1_7_1: {{ rhel9cis_rule_1_7_1 }}
 rhel9cis_rule_1_7_2: {{ rhel9cis_rule_1_7_2 }}
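Review bot: The `# 1.6 Mandatory Access Control` block now reads `rhel9cis_rule_1_6_1_1` through `rhel9cis_rule_1_6_1_8`, but the diffstat lists this template as the only file changed, so nothing in the patch shows those variables being defined. If the role defaults still carry the old `rhel9cis_rule_1_6_N` names, rendering stops on an undefined variable and the audit vars file is never written; the same applies to the flat `rhel9cis_use_nfs_server` … `rhel9cis_use_rsync_service` names in the `@@ -425` hunk. The renamed keys are also what the goss audit reads, so a SELinux check still keyed on an old name would presumably no longer be driven by this file. I would add a comment above the block recording what the keys have to match, e.g. `# keys must match the audit content's variable names (benchmark version: <VERSION>)`.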
@@ -114,12 +114,12 @@ rhel9cis_rule_1_7_3: {{ rhel9cis_rule_1_7_3 }}
 rhel9cis_rule_1_7_4: {{ rhel9cis_rule_1_7_4 }}
 rhel9cis_rule_1_7_5: {{ rhel9cis_rule_1_7_5 }}
 rhel9cis_rule_1_7_6: {{ rhel9cis_rule_1_7_6 }}
-rhel9cis_rule_1_7_7: {{ rhel9cis_rule_1_7_7 }}
-rhel9cis_rule_1_8_1: {{ rhel9cis_rule_1_7_8 }}
-rhel9cis_rule_1_8_2: {{ rhel9cis_rule_1_8_1 }}
-rhel9cis_rule_1_8_3: {{ rhel9cis_rule_1_8_2 }}
-rhel9cis_rule_1_8_4: {{ rhel9cis_rule_1_8_3 }}
-rhel9cis_rule_1_8_5: {{ rhel9cis_rule_1_8_4 }}
+# 1.8 Gnome Display Manager
+rhel9cis_rule_1_8_1: {{ rhel9cis_rule_1_8_1 }}
+rhel9cis_rule_1_8_2: {{ rhel9cis_rule_1_8_2 }}
+rhel9cis_rule_1_8_3: {{ rhel9cis_rule_1_8_3 }}
+rhel9cis_rule_1_8_4: {{ rhel9cis_rule_1_8_4 }}
+rhel9cis_rule_1_8_5: {{ rhel9cis_rule_1_8_5 }}
 # 1.9 Ensure updates, patches, and additional security software are installed
 rhel9cis_rule_1_9: {{ rhel9cis_rule_1_9 }}
 # Ensure system-wide crypto policy is not legacy
@@ -409,7 +409,7 @@ rhel9cis_cups_server: {{ rhel9cis_cups_server }}
 rhel9cis_dhcp_server: {{ rhel9cis_dhcp_server }}
 rhel9cis_dns_server: {{ rhel9cis_dns_server }}
 rhel9cis_ftp_server: {{ rhel9cis_ftp_server }}
-rhel9cis_vsftpd_server: {{ rhel9cis_vsftp_server }}
+rhel9cis_vsftpd_server: {{ rhel9cis_vsftpd_server }}
 rhel9cis_tftp_server: {{ rhel9cis_tftp_server }}
 rhel9cis_httpd_server: {{ rhel9cis_httpd_server }}
 rhel9cis_nginx_server: {{ rhel9cis_nginx_server }}
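Review bot: The added `rhel9cis_rule_1_8_N` lines in the `@@ -114` hunk still type the key and the variable separately on every line, which is how the removed lines came to render the previous rule's value (`rhel9cis_rule_1_8_1: {{ rhel9cis_rule_1_7_8 }}`) and how the misspelt `rhel9cis_vsftp_server` fixed in `@@ -409` got in. A mismatch of this kind makes an audit toggle follow a different control than its name says, and nothing in the template catches it. Generating the pairs keeps them equal by construction: `{% for r in ['1_8_1', '1_8_2', '1_8_3', '1_8_4', '1_8_5'] %}`, then `rhel9cis_rule_{{ r }}: {{ lookup('vars', 'rhel9cis_rule_' ~ r) }}`, then `{% endfor %}`.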
@@ -425,19 +425,19 @@ rhel9cis_is_mail_server: {{ rhel9cis_is_mail_server }} # Note the options # Packages are used for client services and Server- only remove if you dont use the client service # -rhel9cis_use_nfs_server: {{ rhel9cis_use_nfs.server }} -rhel9cis_use_nfs_service: {{ rhel9cis_use_nfs.service }} -rhel9cis_use_rpc_server: {{ rhel9cis_use_rpc.server }} -rhel9cis_use_rpc_service: {{ rhel9cis_use_rpc.service }} -rhel9cis_use_rsync_server: {{ rhel9cis_use_rsync.server }} -rhel9cis_use_rsync_service: {{ rhel9cis_use_rsync.service }} +rhel9cis_use_nfs_server: {{ rhel9cis_use_nfs_server }} +rhel9cis_use_nfs_service: {{ rhel9cis_use_nfs_service }} +rhel9cis_use_rpc_server: {{ rhel9cis_use_rpc_server }} +rhel9cis_use_rpc_service: {{ rhel9cis_use_rpc_service }} +rhel9cis_use_rsync_server: {{ rhel9cis_use_rsync_server }} +rhel9cis_use_rsync_service: {{ rhel9cis_use_rsync_service }} #### 2.3 Service clients rhel9cis_ypbind_required: {{ rhel9cis_ypbind_required }} rhel9cis_rsh_required: {{ rhel9cis_rsh_required }} rhel9cis_talk_required: {{ rhel9cis_talk_required }} rhel9cis_telnet_required: {{ rhel9cis_telnet_required }} -rhel9cis_openldap_clients_required: {{ openldap_clients_required }} +rhel9cis_openldap_clients_required: {{ rhel9cis_openldap_clients_required }} rhel9cis_tftp_client: {{ rhel9cis_tftp_client }} # Section 3 @@ -482,7 +482,7 @@ rhel9cis_authselect_custom_profile_select: {{ rhel9cis_authselect_custom_profile ## 5.3.2 Authselect select false if using AD or RHEL ID mgmt rhel9cis_authselect: custom_profile_name: {{ rhel9cis_authselect['custom_profile_name'] }} - default_file_to_copy: {{ rhel9cis_authselect.default_file_to_copy }} + default_file_to_copy: {{ rhel9cis_authselect['default_file_to_copy'] }} ## 5.4.1 Enable automation to create custom profile settings, using the setings above 
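Review bot: `default_file_to_copy` and `custom_profile_name` in the `@@ -482` hunk are string values written into the YAML unquoted, and the switch to bracket lookup does not change that. A value containing ` #`, `: ` or a leading YAML indicator would be truncated or re-typed when the audit loads the file, so the audit could end up comparing against something other than what the role applied. Quoting at render time avoids this: `default_file_to_copy: {{ rhel9cis_authselect['default_file_to_copy'] | to_json }}`, and likewise for `custom_profile_name`. The service toggles in the `@@ -425` hunk look like booleans and would not need it.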
@@ -491,8 +491,8 @@ rhel9cis_authselect_custom_profile_create: {{ rhel9cis_authselect_custom_profile # 5.5.1 ## PAM rhel9cis_pam_password: - minlen: {{ rhel9cis_pam_password.minlen }} - minclass: {{ rhel9cis_pam_password.minclass }} + minlen: {{ rhel9cis_pam_password['minlen'] }} + minclass: {{ rhel9cis_pam_password['minclass'] }} rhel9cis_pam_passwd_retry: "3" ## 5.5.3 choose one of below @@ -501,9 +501,9 @@ rhel9cis_passwd_remember: "5" ## 5.6.x login.defs password settings rhel9cis_pass: - max_days: {{ rhel9cis_pass.max_days }} - min_days: {{ rhel9cis_pass.min_days }} - warn_age: {{ rhel9cis_pass.warn_age }} + max_days: {{ rhel9cis_pass['max_days'] }} + min_days: {{ rhel9cis_pass['min_days'] }} + warn_age: {{ rhel9cis_pass['warn_age'] }} ## 5.3.7 set sugroup if differs from wheel rhel9cis_sugroup: {% if rhel9cis_sugroup is undefined %}wheel{% else %}{{ rhel9cis_sugroup }}{% endif %}
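Review bot: `rhel9cis_pam_passwd_retry: "3"` in the `@@ -491` hunk, and `rhel9cis_passwd_remember: "5"` in the header context of `@@ -501`, stay as literals while the neighbouring `minlen`, `minclass` and `rhel9cis_pass` entries are rendered from role variables. If the role allows these two to be overridden, the audit file keeps asserting 3 and 5 whatever was applied, which shows up as false failures or, worse, false passes. Assuming variables of the same name exist in the role, render them the same way, e.g. `rhel9cis_pam_passwd_retry: "{{ rhel9cis_pam_passwd_retry }}"`. The last context line of `@@ -501` could also be shortened to `rhel9cis_sugroup: {{ rhel9cis_sugroup | default('wheel') }}`.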