ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
640 commits 5 branches 14 tags 2.6 MiB
Commit graph

640 commits

This branch
This branch
All branches
Author SHA1 Message Date
Joshua Hemmings
1d609e10cb
Remove trailing comma to align with other roles 
Signed-off-by: Joshua Hemmings <josh@hemmings.ch>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
46cd4b67eb
whole section defined in cis_4.2.1.x.yml gets executed only when: rhel9cis_syslog == 'rsyslog', having same condition is redundant and may confuse users. 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
72ba83fbaa
Rsyslog subsection corrected header(was using 4.2 logging name, instead of 4.2.1. rsyslog name) 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
f3082dd02e
Using rhel9cis_authselect['options'], otherwise not used at all 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Corey Reid
7da06eeaa8
find hidden files in /var/log for 4.3.2 
Signed-off-by: Corey Reid <corey.nathan.reid@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
50bf410a7b
Using correct conditional for Task relying on 'firewall-cmd --get-active-zones' cmd 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
b40c5813fb
Using correct conditional for ftpd 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
e1cf40c5d2
Masking service when server package is needed 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:15 +02:00
Ionut Pruteanu
bf94c2f708
Timeout value defined in defaults/main.yml file not used 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Ionut Pruteanu
973af36ed0
Removing redundant conditional statements 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Marcin Dulinski
495355b067
Fixed chrony configuration options 
Signed-off-by: Marcin Dulinski <martin@dulin.me.uk>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
pre-commit-ci[bot]
d2df59f8e9
[pre-commit.ci] pre-commit autoupdate 
updates:
- [github.com/ansible-community/ansible-lint: v6.22.0 → v6.22.1](https://github.com/ansible-community/ansible-lint/compare/v6.22.0...v6.22.1)

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Senih
844a351155
Update cis_5.6.1.x.yml 
Typo fixed from:
- rule_5.5.1.3
to:
- rule_5.6.1.3

Signed-off-by: Senih <40578755+senihucar@users.noreply.github.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
pre-commit-ci[bot]
22a7e32750
[pre-commit.ci] pre-commit autoupdate 
updates:
- [github.com/gitleaks/gitleaks: v8.18.0 → v8.18.1](https://github.com/gitleaks/gitleaks/compare/v8.18.0...v8.18.1)

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
437db7b2a6
fixed typo 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
e769b97e1a
updated benchmark name 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
1752212eb3
fixed benchmark_name 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
bc4be734f7
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
9f16c3ce49
removed dupe line 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
df63880353
addition of audit_only config 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
9f6c9adb42
audit variables seperated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
pre-commit-ci[bot]
463ba0a718
[pre-commit.ci] pre-commit autoupdate 
updates:
- [github.com/pre-commit/pre-commit-hooks: v3.2.0 → v4.5.0](https://github.com/pre-commit/pre-commit-hooks/compare/v3.2.0...v4.5.0)
- [github.com/gitleaks/gitleaks: v8.17.0 → v8.18.0](https://github.com/gitleaks/gitleaks/compare/v8.17.0...v8.18.0)
- [github.com/ansible-community/ansible-lint: v6.17.2 → v6.22.0](https://github.com/ansible-community/ansible-lint/compare/v6.17.2...v6.22.0)
- [github.com/adrienverge/yamllint.git: v1.32.0 → v1.33.0](https://github.com/adrienverge/yamllint.git/compare/v1.32.0...v1.33.0)

Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:14 +02:00
Mark Bolwell
6c86a8dd19
updated workflow for galaxy and versions 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
ba769cac5b
updated collections 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
99bfe893b0
updated 5.6.5 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
2819352701
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
d12a4b2a56
quoted file mode 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
d7cfb0c64c
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
d94bd7476c
added pragma allowed 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
2e1f17169b
fix filename 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
43f3b5300c
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
c7899232f5
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
02b6660733
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
90515c8c9a
updated test 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
4f5e935a7f
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
c82dd0c783
lint updates 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
badba4b7d6
updated discord link 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:13 +02:00
Mark Bolwell
438ae32026
updated test and control 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
346264ed71
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
f0c3bff907
git audit binary version updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
8bd2fbed20
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
7be36c4fff
new var rhel9cis_rhel_default_repo 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
265cf67ad1
updated due to changes 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
96921e175b
updated typos 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
796ae479d8
updated typos 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
2c76d76f25
more ansible_facst referenced #54 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
585570f944
updated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
ff9a8eb2e7
#54 merged into new layout 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
cd264db98f
#60 addressed for ipb6 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00
Mark Bolwell
c15fb6cf68
Added comment for os_check var 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2024-01-31 08:30:12 +02:00