ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
1375 commits 4 branches 16 tags 3.3 MiB
Commit graph

155 commits

Author SHA1 Message Date
uk-bolly
3015e2fe2f
Merge branch 'devel' into pub_feb26_updates 
Signed-off-by: uk-bolly <69214557+uk-bolly@users.noreply.github.com>
 2026-02-12 09:54:10 +00:00
Mark Bolwell
98e89d8945
Latest fixes updates Feb26 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-12 09:15:05 +00:00
Frederick Witty
71206432be
QA fixes and rollback of audit_only logic 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
 2026-02-11 14:54:30 -05:00
Frederick Witty
11becb32c5
QA Fixes 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
 2026-02-10 16:01:05 -05:00
Mark Bolwell
2863be6c02
tidied up comments to make it simpler 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-06 14:16:29 +00:00
Mark Bolwell
591f0d90f4
Updated comments for password hash and variable 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-06 12:49:05 +00:00
Mark Bolwell
3442801399
tidy up of variables and warning for bootloader password 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-05 20:29:37 +00:00
Mark Bolwell
9a3f458db0
Updated bootloader password logic and enabled old methods without change 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-05 18:10:29 +00:00
Mark Bolwell
9b091984db
updated logic to allow manual hash to be added or filter 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-05 17:53:55 +00:00
Mark Bolwell
943b570484
incorporated PR 345 thanks to @thulium-drake 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2026-02-03 09:01:55 +00:00
Frederick Witty
173fbd3254
Linting 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
 2026-01-08 14:26:24 -05:00
Frederick Witty
863d1af4cf
Merge pull request #423 from ansible-lockdown/crypto_policies
Some checks are pending
Export Public Repo Badges / export-badges (push) Waiting to run
Details 
Tidy up wording regarding crypto policy module
 2025-12-29 09:24:02 -05:00
Mark Bolwell
76cd8c7cb3
Tidy up wording regarding crypto policy modules thanks to @kpi-nourman #414 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-12-29 09:43:28 +00:00
George Nalen
7ff8e7b6b9
Updated disable IPv6 logic 
Signed-off-by: George Nalen <georgen@mindpointgroup.com>
 2025-12-23 11:20:21 -05:00
George Nalen
d9927f005b
fixed typo in disable method var 
Signed-off-by: George Nalen <georgen@mindpointgroup.com>
 2025-12-23 08:42:28 -05:00
George Nalen
beb3bfdc94
added option for sysctl or kernel for disabling IPv6 
Signed-off-by: George Nalen <georgen@mindpointgroup.com>
 2025-12-22 16:35:08 -05:00
Mark Bolwell
ea17b0adc2
removed legacy option 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-10-16 15:26:42 +01:00
Mark Bolwell
727ae4515b
updated auditd variables 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-10-16 14:57:24 +01:00
Mark Bolwell
81eadd4a6f
max-concurrent audit option added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-10-01 12:59:44 +01:00
uk-bolly
23b60bc629
Merge pull request #390 from polski-g/modular_section_5_r2 
Support section modularization (for Sec 5 only right now)
 2025-10-01 10:24:44 +01:00
Mark Bolwell
7769bec99e
Added section5 subsections public #390 thanks to @polski-g 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-09-30 14:44:57 +01:00
Mark Bolwell
5dd64ebdb8
max concurrent options and default added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-09-30 14:20:10 +01:00
polski-g
392c3f9016
Support section 5 modularization 
corrected trailing whitespace

Signed-off-by: polski-g <polski_g@sent.at>
 2025-09-15 12:59:41 -04:00
Frederick Witty
67c574d8a9
Updates from Public 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-09-10 12:57:50 -04:00
Frederick Witty
2dfa9266a8
Update cryto policy var to standard 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-09-08 11:54:57 -04:00
Frederick Witty
413ccb96b7
Update cryto policy based controls with improved logic 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-09-05 16:39:55 -04:00
Frederick Witty
b0ec6c4820
Fix for #384, thank you @polski-g 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-09-05 16:24:11 -04:00
Mark Bolwell
b21569c62d
added update for gdm and giu packages 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-08-15 16:00:36 +01:00
Mark Bolwell
73320db603
dont not run section 1.8 if not gdm PR #364 from public 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-08-14 16:17:45 +01:00
Tomuta, Diana Maria (T CST SCC-RO)
f90e896b0c
Fixing minor documentation issues part 3. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-09 14:21:19 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
ad8e73c3ee
Fixing minor documentation issues part 2. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-09 13:28:33 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
76a680bb59
Fixing minor documentation issues. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-09 12:13:45 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
dfd5eb9a92
Small fixes part 3. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-04 13:44:46 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
21fd466ec6
Small fixes part 2. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-04 11:58:08 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
778877f3f3
Small fixes. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-04 10:50:45 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
55744fe599
Fixing documentation of the vars. 
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
 2025-07-02 13:48:17 +03:00
Mark Bolwell
82cc458d7a
Fix logic and notes for in crypto policy building 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-06-20 11:32:31 +01:00
Mark Bolwell
bd1547313a
Fix logic and notes for in crypto policy building 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-06-20 11:29:53 +01:00
Mark Bolwell
f2c03f1e68
variable networkmanager package and typo fixes 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2025-05-28 16:11:36 +01:00
polski_g
4e49532e20
Variablize network-manager package name 
Signed-off-by: polski-g <polski_g@sent.at>
 2025-05-23 12:33:55 -04:00
Frederick Witty
23b2909073
QA Fixes 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-05-15 16:48:44 -04:00
Fred W.
1d266e61a7
Merge pull request #25 from ansible-lockdown/benchmark_v2.0.0 
Benchmark v2.0.0
 2025-05-09 15:12:17 -04:00
Fred W.
2c35f64f38
Merge pull request #24 from ansible-lockdown/devel 
May 2025 devel to latest alignment
 2025-05-09 14:51:13 -04:00
Frederick Witty
48c05f038f
Fix for #322 thank @mindrb 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-25 14:36:58 -04:00
Frederick Witty
e27e413f94
Update URL in defaults/main 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-23 16:04:16 -04:00
Frederick Witty
42024903e3
revamp set facts premlim_ max_int_uid and prelim_min_int_uid 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-23 12:47:22 -04:00
Frederick Witty
350b30dfe4
prelim_ prefix added to max_int_uid and min_int_uid 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-22 16:32:47 -04:00
Frederick Witty
7173eba3f6
Typo fixes v2 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-22 16:29:43 -04:00
Frederick Witty
de63984cd8
Typo fixes 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-22 16:10:53 -04:00
Frederick Witty
120207440c
Typo fixes 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
 2025-04-15 15:22:19 -04:00