RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00

Author	SHA1	Message	Date
Mark Bolwell	62095f75fe	updated as per public PR #350 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-14 16:14:47 +01:00
Mark Bolwell	3778d6fb62	improvement updated with public #361 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-04 11:34:53 +01:00
Mark Bolwell	0a56b16d32	updated as per public fix #360 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-04 11:32:56 +01:00
Mark Bolwell	1bdef212bd	Apply latest public fixes benchmark_v2.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-02 10:47:56 +01:00
davidalexander83	7ec2c9bf5e	Fix re.error due to (?i) not at start of re 6.2.2.3 and 6.2.2.4 cause issues due to current re syntax: ^(?i)(\s*compress=) re.error: global flags not at the start of the expression at position 1 Fix removes ^ which resolves issue without affecting functionality. Signed-off-by: davidalexander83 <davidalexander83@icloud.com>	2025-07-02 12:32:20 +10:00
Frederick Witty	0ee2de5e20	Addresses #318 - Thank you @kodebach & @bgro Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 12:04:29 -04:00
Frederick Witty	23338ccd31	Addresses #318 - Thank you @kodebach & @bgro Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 11:12:07 -04:00
Fred W.	0efd92e2a3	Merge pull request #31 from ansible-lockdown/JUNE2025QA June 2025 QA: Replace egrep to grep	2025-06-23 08:36:55 -04:00
Mark Bolwell	82cc458d7a	Fix logic and notes for in crypto policy building Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 11:32:31 +01:00
Mark Bolwell	bd1547313a	Fix logic and notes for in crypto policy building Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 11:29:53 +01:00
uk-bolly	055cb35603	Merge branch 'devel' into audit_only_fetch Signed-off-by: uk-bolly <mark.bollyuk@gmail.com>	2025-06-20 11:21:28 +02:00
Mark Bolwell	379b184554	added changed_when to fix false warning errors Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:32:20 +01:00
Mark Bolwell	d2de2783a8	added ability to fetch audit and update title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:31:37 +01:00
uk-bolly	3dfa4f7e86	Merge pull request #348 from ansible-lockdown/root_user_check root password and other improvements	2025-06-19 17:28:45 +02:00
Mark Bolwell	515d5c3bf7	added changed_when to resolve false warning message Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:48 +01:00
Mark Bolwell	908ac57db7	enabled fetch report and updated title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:01 +01:00
Frederick Witty	acacb7a6bc	QA Fixes Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 17:18:08 -04:00
Frederick Witty	38a173546c	Update auditd with check_mode Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 16:49:36 -04:00
Frederick Witty	b38e7d06eb	var fixes for 1.1.2.3.x and 1.1.2.4.x Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 15:14:08 -04:00
Frederick Witty	6ced990430	Update handler naming change_requires_reboot to set reboot required Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 14:58:21 -04:00
Mark Bolwell	3173b74481	updated grep command 1.3.1.6 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:21:45 +01:00
Mark Bolwell	b65504de6b	Updated egrep Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:20:40 +01:00
Mark Bolwell	f892525a7c	5.1.10 and 5.1.11 updated variable naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:19:18 +01:00
Mark Bolwell	02008339b4	updated regex Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:18:22 +01:00
Mark Bolwell	2724faf1fc	50-redhat.conf var naming update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:17:00 +01:00
Mark Bolwell	2eb85294c8	Updated conditionals for audit steps Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:15:42 +01:00
Mark Bolwell	ce3ae8361e	Updated logic for root password check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:14:58 +01:00
Mark Bolwell	6770e5a4ff	added check_mode false to task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:13:53 +01:00
Mark Bolwell	27c7ec3604	fixed typos Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:12:21 +01:00
Mark Bolwell	35d0bf9c4b	updated auditing conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 13:19:14 +01:00
uk-bolly	27dc592c12	Merge pull request #343 from polski-g/auditd_check_mode auditd: ensure check mode runs non-destructive call to ausyscall --dump	2025-06-16 11:15:30 +02:00
Mark Bolwell	7bef2eda62	added check_mode false Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:12:27 +01:00
Mark Bolwell	18fc4ea585	updated conditional var name and regex best practices Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:08:56 +01:00
Mark Bolwell	b2308ac310	fixed typos in logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:07:55 +01:00
Mark Bolwell	51b20d383d	Renamed variable to prelim Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:07:27 +01:00
Mark Bolwell	9f50effd30	updated logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:01:10 +01:00
Frederick Witty	3a0ee6e9f8	update 1.3.1.6 log to grep -E Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-12 15:44:03 -04:00
Frederick Witty	f40d17df92	Update eprep based tasks to grep/awk Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-12 12:42:44 -04:00
Mark Bolwell	30bb04b1d4	updates root password check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-12 12:10:44 +01:00
Fred W.	f86803b1a7	Merge pull request #346 from ansible-lockdown/May2025Fixes Fix for #325 thank you @mindrb	2025-06-09 12:23:28 -04:00
polski-g	5226f14b3e	fetch of auditd logfile should run in check_mode Signed-off-by: polski-g <polski_g@sent.at>	2025-06-06 10:03:47 -04:00
polski-g	1bff329a05	auditd: ensure check mode runs non-destructive call to ausyscall --dump Signed-off-by: polski-g <polski_g@sent.at>	2025-06-03 11:35:05 -04:00
uk-bolly	f70821bf7e	Merge pull request #340 from ansible-lockdown/interactive_user_update Updated variable naming for interactive_users	2025-05-28 18:42:20 +01:00
Mark Bolwell	2e3499ca8c	added missing square brace Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:47:01 +01:00
Mark Bolwell	3197252611	Merge branch 'benchmark_v2.0.0' into interactive_user_update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:14:18 +01:00
Mark Bolwell	2256456f0e	align with public fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:12:31 +01:00
Mark Bolwell	f2c03f1e68	variable networkmanager package and typo fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:11:36 +01:00
Mark Bolwell	cb475d3368	fixed typo on post audit file name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:10:28 +01:00
Mark Bolwell	7673c2ff00	Added home directory discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 15:53:41 +01:00
Mark Bolwell	97abfaf9f8	updated passwd variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 15:41:12 +01:00

1 2 3 4 5 ...

553 commits