ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

interactive users ilogic improvements thanks to @polski-g

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2025-05-23 16:05:01 +01:00
parent daf5a3f462
commit f83e5a69a2
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
5 changed files with 20 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_5/cis_5.4.2.x.yml
View file

@ -195,7 +195,7 @@
- name: "5.4.2.7 | PATCH | Ensure system accounts do not have a valid login shell"
when:
- rhel9cis_rule_5_4_2_7
- "item.id not in prelim_interactive_usernames.stdout"
- "item.id not in prelim_interactive_usernames | map(attribute='username')"
- item.id not in rhel9cis_system_users_shell
- "'root' not in item.id"
- rhel9cis_disruption_high
@ -220,7 +220,7 @@
when:
- rhel9cis_rule_5_4_2_8
- rhel9cis_disruption_high
- "item.id not in prelim_interactive_usernames.stdout"
- "item.id not in prelim_interactive_usernames | map(attribute='username')"
- "'root' not in item.id"
tags:
- level1-server