ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

updated controls

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-04-01 15:26:13 +01:00
parent 19a218390d
commit f0c4701dbd
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
23 changed files with 238 additions and 364 deletions
Download patch file Download diff file Expand all files Collapse all files

9
tasks/section_2/cis_2.1.x.yml
View file

@ -2,11 +2,11 @@
- name: "2.1.1 | PATCH | Ensure time synchronization is in use"
package:
name: "{{ rhel9cis_time_synchronization }}"
name: chrony
state: present
when:
- rhel9cis_rule_2_1_1
- not rhel9cis_system_is_container
- not system_is_container
tags:
- level1-server
- level1-workstation
@ -18,7 +18,7 @@
block:
- name: "2.1.2 | PATCH | Ensure chrony is configured | Set configuration"
template:
src: chrony.conf.j2
src: etc/chrony.conf.j2
dest: /etc/chrony.conf
owner: root
group: root
@ -33,9 +33,8 @@
create: yes
mode: 0644
when:
- rhel9cis_time_synchronization == "chrony"
- rhel9cis_rule_2_1_2
- not rhel9cis_system_is_container
- not system_is_container
tags:
- level1-server
- level1-workstation