ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
779 commits 5 branches 14 tags 2.6 MiB
Commit graph

107 commits

Author SHA1 Message Date
Ionut Pruteanu
09272d06ff Fixing conflict when changed value from 0>3(caused by previous lines added by docs). 2024-02-06 20:03:07 +01:00
Ionut Pruteanu
a84cf8f771
Rule 5.2.20 expects values different than 0, but previous form of the task was setting CountMax to 0 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-02-06 20:42:39 +02:00
Ionut Pruteanu
9c1a473400 Merge branch 'siemens/feat/Refactor_Document_main_variables' into 'siemens/rhel9/devel' 
Aplying patch to be used for extending-documentation

See merge request infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis!17
 2024-02-01 13:13:43 +01:00
Ionut Pruteanu
057afdc9ff
[IP] New branch was created, so a new merge will be done. 
Revert "Merge branch 'siemens/feat/document_main_variables' into siemens/rhel9/devel"

This reverts commit cc3cc03a04, reversing
changes made to d87451afd6.

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-02-01 13:54:48 +02:00
Ionut Pruteanu
3581793d8e
Documenting also new added(space_left & admin_space_left) 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 20:31:03 +02:00
Ionut Pruteanu
f2a2757d1b
Fixing yaml-lint errors 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 20:30:25 +02:00
Ionut Pruteanu
a83678e9ce
Removing statement about SSH precedence vars. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 20:27:07 +02:00
Ionut Pruteanu
c70c23680a
Aplying patch to be used for extending-documentation 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 10:26:10 +02:00
Ionut Pruteanu
9bd22c220d
Merge branch 'siemens/rhel9/devel' of code.siemens.com:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/rhel9/devel 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:16:54 +02:00
root@DERVISHx
a3ddf8ff20
Fixing conflicts after rebasing current feature branch onto 'devel' 2024-01-30 23:04:37 +02:00
Marcin Dulinski
0dab713974
Solved minor conflicts in defaults/main.yml file, when re-basing 
Signed-off-by: Marcin Dulinski <martin@dulin.me.uk>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:01:33 +02:00
Ionut Pruteanu
efdff71e84
Removing not useful line from docs 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:01:33 +02:00
Ionut Pruteanu
f90a67987d
Revert "Added vars for streams." 
[IP] I see no benefit to duplicate vars in defaults/main.yml in other files like specific vars for Alma/Rocky, especially since
we're using the same values for those vars. Also, replacing rsyslog with journald is not fine for this current doc-extension proposal.

This reverts commit a57333dcf1.

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:01:32 +02:00
Ionut Pruteanu
674e0fdf31
Improving doc for journald log parameters. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:01:32 +02:00
Ionut Pruteanu
945e020e6a
Documenting usage of chrony variables. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 23:01:23 +02:00
Ionut Pruteanu
6744d901bc
Merge branch 'siemens/feat/document_main_variables' of code.siemens.com:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/document_main_variables 2024-01-30 22:48:57 +02:00
Ionut Pruteanu
159a06dab3
Finalising the docs content & syntax 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:48:46 +02:00
root@DERVISHx
d1434f6b5b
Rebasing 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2024-01-30 22:41:04 +02:00
root@DERVISHx
5815c43654
Added vars for streams. 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:33:02 +02:00
Ionut Pruteanu
e40d8cb58c
Fixing conflicts 
Last docs part - additions

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:32:47 +02:00
Ionut Pruteanu
85ed8ce781
Doc additions for: 
- Sections 2.2 && 2.3
- Section 3
- Section 4.1

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:28:20 +02:00
Ionut Pruteanu
490a47eb0f
Doc additions for: 
- Yum repos,
- bootloader,
- crypto policies,
- SELinux
- NTP

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:28:20 +02:00
Ionut Pruteanu
65aed536fa
Fixing conflicts after rebase --continue 
Small additions to first part of documentation.

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-30 22:27:43 +02:00
root@DERVISHx
b262d0a3e8
Solving conflicts after latest rebase 
~~~~~
Document variables in defaults/main.yml, Fix 5 from devel

Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2024-01-30 22:22:46 +02:00
uk-bolly
df1aef8d31
Merge pull request #148 from siemens/siemens/feat/AuditVarsRefactoring 
Siemens/feat/audit vars refactoring
 2024-01-26 12:34:30 +00:00
root@DERVISHx
da62626a9d
Fixing conflicts after rebasing current feature branch onto 'devel' 2024-01-19 19:59:32 +02:00
Marcin Dulinski
9ce1fb6556
Solved minor conflicts in defaults/main.yml file, when re-basing 
Signed-off-by: Marcin Dulinski <martin@dulin.me.uk>
 2024-01-19 19:59:04 +02:00
Ionut Pruteanu
36ab51d600
Removing not useful line from docs 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-19 16:16:18 +02:00
Ionut Pruteanu
48f0c7db53
Using again the default values used by Lockdown for sshd vars, as they shouldn't be altered 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-19 16:11:02 +02:00
Ionut Pruteanu
073f6b7192
Revert "Added vars for streams." 
[IP] I see no benefit to duplicate vars in defaults/main.yml in other files like specific vars for Alma/Rocky, especially since
we're using the same values for those vars. Also, replacing rsyslog with journald is not fine for this current doc-extension proposal.

This reverts commit a57333dcf1.
 2024-01-19 15:55:42 +02:00
Ionut Pruteanu
b4bef292ca
Improving doc for journald log parameters. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-19 15:37:44 +02:00
Ionut Pruteanu
8fc85fcc59
Documenting usage of chrony variables. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-19 15:32:01 +02:00
Ionut Pruteanu
677424d853
Merge branch 'devel' of github.com:siemens/RHEL9-CIS into siemens/feat/document_main_variables 2024-01-19 11:03:46 +02:00
Ionut Pruteanu
14cd1e0397
Merge branch 'siemens/feat/document_main_variables' of code.siemens.com:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/document_main_variables 2024-01-17 20:39:49 +02:00
Ionut Pruteanu
560475ea4e
Finalising the docs content & syntax 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-17 20:17:21 +02:00
root@DERVISHx
a57333dcf1
Added vars for streams. 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2023-12-27 15:39:46 +00:00
Ionut Pruteanu
ca41b128cd
Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-20 22:21:14 +02:00
Ionut Pruteanu
88ffe32137
Storing max_log_file under rhel9cis_auditd dict variable. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-20 21:58:49 +02:00
Ionut Pruteanu
28a61fa71d
Last docs part - additions 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-08 20:17:43 +02:00
Ionut Pruteanu
6dfbe18612
Doc additions for: 
- Sections 2.2 && 2.3
- Section 3
- Section 4.1

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-07 22:53:01 +02:00
Ionut Pruteanu
06489db6a8
Doc additions for: 
- Yum repos,
- bootloader,
- crypto policies,
- SELinux
- NTP

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-06 22:20:32 +02:00
Ionut Pruteanu
dc59c320c8
Small additions to first part of documentation. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-05 21:01:06 +02:00
root@DERVISHx
34b052196c
Document variables in defaults/main.yml, Fix 5 from devel 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2023-11-29 15:50:23 +00:00
root@DERVISHx
a2162dbd1b
Document variables in defaults/main.yml, Fix 2. 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2023-11-24 15:38:40 +00:00
Marcin Dulinski
8b875ad228
Fixed chrony configuration options 
Signed-off-by: Marcin Dulinski <martin@dulin.me.uk>
 2023-11-22 09:17:15 +00:00
Mark Bolwell
8784941179
audit variables seperated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-11-21 09:48:49 +00:00
Mark Bolwell
11071a66ab
added pragma allowed 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 15:36:05 +01:00
Mark Bolwell
f6fd7e02d3
git audit binary version updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-18 14:02:44 +01:00
Mark Bolwell
43a339c74f
new var rhel9cis_rhel_default_repo 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-07 14:23:12 +01:00
Mark Bolwell
18e59d32f1
more ansible_facst referenced #54 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-06 09:55:27 +01:00