RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00

Author	SHA1	Message	Date
Michael Hicks	c4a97079b1	added guardrails on enabled and state flags to systemd mask tasks to only disable and stop when the package is installed, otherwise just mask to prevent the service from ever starting should it get installed at a later time. This allows hardening to proceed when the service doesn't exist but masking has been requested. Otherwise the playbook run will fail at a step when the service which comes with the package doesn't already exist Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:10 -08:00
Frederick Witty	71206432be	QA fixes and rollback of audit_only logic Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-02-11 14:54:30 -05:00
Frederick Witty	e65df16f67	Update 3.1.1 Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:33:16 -05:00
George Nalen	7ff8e7b6b9	Updated disable IPv6 logic Signed-off-by: George Nalen <georgen@mindpointgroup.com>	2025-12-23 11:20:21 -05:00
Mark Bolwell	fdc0a7afed	fixed typo thanks to @trumbaut #397 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-10-02 09:20:47 +01:00
Mark Bolwell	eafee7e040	Added typo updates thanks to @DianaMariaDDM Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-14 17:19:53 +01:00
Mark Bolwell	f2c03f1e68	variable networkmanager package and typo fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:11:36 +01:00
Mark Bolwell	7b1c8e9ef0	additional fix for #309 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-03-31 12:37:58 +01:00
Mark Bolwell	82f7b53a67	Merge branch 'lint_dec24' into alignment Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 13:36:08 +00:00
Mark Bolwell	88ac5c3d65	Lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 11:49:02 +00:00
Mark Bolwell	2de8a39cdc	updated yamllint, company naming, linting and spacing Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-04 12:00:12 +00:00
Mark Bolwell	14d038e8eb	renamed variables Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 17:36:07 +01:00
Mark Bolwell	f1c4d96412	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-07-24 14:00:00 +01:00
uk-bolly	f8fcfe0e78	April_24 updates (#201 ) * Issue #170, PR #181 thanks to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * issue #182, PR #183 thansk to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PR #180 thanks to @ipruteanu-sie and @raabf Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Addressed PR #165 thanks to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PT #184 addressed thansk to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated credits Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * typo and ssh allow_deny comments Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * enable OS check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PR - #198 addressed thanks to @brakkio86 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Addressed issue #190 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Additional vars for issue #190 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated pre-commit version Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * consistent quotes around mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * moved audit added discoveries Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed unneeded vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * audit moved to prelim Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * improved new variable usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed logic 6.2.10 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * addressed #197 thanks to @mark-tomich Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updates for audit section Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added prelim to includes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-04-15 14:02:07 +01:00
Ionut Pruteanu	81fd98e2c6	Using correct conditional for Task relying on 'firewall-cmd --get-active-zones' cmd Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 20:38:20 +02:00
Mark Bolwell	e82b2cefac	quoted file mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 16:25:59 +01:00
Mark Bolwell	580ee762ee	fix filename Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:35:35 +01:00
Mark Bolwell	c5ed197e03	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:07:52 +01:00
Mark Bolwell	af20f70f24	updated test Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 14:57:25 +01:00
Mark Bolwell	a67a484971	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 14:55:55 +01:00
Mark Bolwell	0ad7bf4848	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-07-26 16:50:48 +01:00
Mark Bolwell	fe1bddf15b	typo fix Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-06-28 11:45:58 +01:00
Mark Bolwell	42b9dc9e89	Linting Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-20 15:16:15 +00:00
Mark Bolwell	58d3bb4e41	updated var naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-01 09:17:38 +00:00
Mark Bolwell	e59e72e3d1	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 12:10:10 +00:00
Mark Bolwell	904d7811d4	moved when to same line Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 08:29:54 +00:00
Mark Bolwell	10a6a2e0dd	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 11:36:12 +00:00
Mark Bolwell	7760f35161	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 10:01:14 +00:00
Mark Bolwell	0350e234fe	rhel_09 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-24 11:02:32 +00:00
Mark Bolwell	939a06d372	Ensure package installed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-23 17:28:52 +00:00
Mark Bolwell	cb609c1f1a	fqcn update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 13:31:53 +00:00
Mark Bolwell	184832d2ac	update blacklist Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 11:28:53 +00:00
Mark Bolwell	acf0104f7a	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 12:10:18 +00:00
Mark Bolwell	3ead0d63ac	warn control count updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 11:05:25 +00:00
Mark Bolwell	dae7d03c34	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 13:47:13 +00:00
Mark Bolwell	3321547bfa	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 13:38:50 +00:00
Mark Bolwell	1b634f3193	updated for firewall Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 11:39:50 +00:00
Mark Bolwell	415f62faca	renamed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 11:39:10 +00:00
Mark Bolwell	efc686a742	rewritten Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-10 11:20:05 +00:00
Mark Bolwell	cb0dd58df5	updated for v1.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-10 11:18:45 +00:00
Kristian	fc407f8329	tss user and spacing Signed-off-by: Kristian <kris9854@gmail.com>	2022-09-27 17:15:49 +02:00
Mark Bolwell	0d155c4182	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 14:08:16 +01:00
Mark Bolwell	3df35e03a0	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:34:42 +01:00
Mark Bolwell	1992eea6da	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:19:01 +01:00
Mark Bolwell	b842c47cd2	line spacing fixed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-29 18:27:55 +01:00
Mark Bolwell	6b6a4a32c8	added warning count Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-20 17:13:33 +01:00
Mark Bolwell	33ebfea653	sysctl control improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-06-20 17:03:18 +01:00
Mark Bolwell	c0c24ec8ef	improved test with idempotency Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-06-17 11:23:44 +01:00
Mark Bolwell	91600af889	yamllint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-26 16:01:56 +01:00
Mark Bolwell	a8602689b8	updated issues and added improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-25 16:58:11 +01:00

1 2

76 commits