RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 14:27:12 +00:00

Author	SHA1	Message	Date
Mark Bolwell	625e4041c1	update logic for 5.2.4 public PR #371 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-14 16:20:51 +01:00
Mark Bolwell	73320db603	dont not run section 1.8 if not gdm PR #364 from public Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-14 16:17:45 +01:00
Mark Bolwell	62095f75fe	updated as per public PR #350 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-14 16:14:47 +01:00
Mark Bolwell	3778d6fb62	improvement updated with public #361 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-04 11:34:53 +01:00
Mark Bolwell	0a56b16d32	updated as per public fix #360 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-04 11:32:56 +01:00
Mark Bolwell	1bdef212bd	Apply latest public fixes benchmark_v2.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-02 10:47:56 +01:00
uk-bolly	182e07a63f	Merge pull request #354 from davidalexander83/devel Fix re.error due to (?i) not at start of re	2025-07-02 10:22:20 +01:00
davidalexander83	7ec2c9bf5e	Fix re.error due to (?i) not at start of re 6.2.2.3 and 6.2.2.4 cause issues due to current re syntax: ^(?i)(\s*compress=) re.error: global flags not at the start of the expression at position 1 Fix removes ^ which resolves issue without affecting functionality. Signed-off-by: davidalexander83 <davidalexander83@icloud.com>	2025-07-02 12:32:20 +10:00
jjoympg	0f5f3ee19b	Merge pull request #37 from ansible-lockdown/rule_6.3.3.5_update Rule 6.3.3.5 update	2025-07-01 10:17:54 -04:00
Mark Bolwell	b8ed2dfdac	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-01 09:37:25 +01:00
Mark Bolwell	2142934148	updated 6.3.3.5 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-07-01 09:29:08 +01:00
Fred W.	968e7783d0	Merge pull request #35 from ansible-lockdown/fix_5.2.4 Improved logic for 5.2.4	2025-06-27 16:58:20 -04:00
Frederick Witty	874890ee40	Update site.yml hosts logic Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 12:06:18 -04:00
Frederick Witty	0ee2de5e20	Addresses #318 - Thank you @kodebach & @bgro Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 12:04:29 -04:00
Fred W.	d8af4747d4	Merge pull request #353 from ansible-lockdown/fix_5.2.4 Addresses #318 - Thank you @kodebach & @bgro	2025-06-27 11:54:19 -04:00
Frederick Witty	ac276f34fc	ChangeLog versioning fix Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 11:15:19 -04:00
Frederick Witty	23338ccd31	Addresses #318 - Thank you @kodebach & @bgro Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 11:12:07 -04:00
Fred W.	16179a658b	Merge pull request #352 from ansible-lockdown/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2025-06-27 09:13:10 -04:00
pre-commit-ci[bot]	fc2f5895ce	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v25.5.0 → v25.6.1](https://github.com/ansible-community/ansible-lint/compare/v25.5.0...v25.6.1)	2025-06-23 17:27:59 +00:00
Fred W.	0efd92e2a3	Merge pull request #31 from ansible-lockdown/JUNE2025QA June 2025 QA: Replace egrep to grep	2025-06-23 08:36:55 -04:00
uk-bolly	383822d107	Merge pull request #33 from ansible-lockdown/audit_only_fetch Audit only fetch	2025-06-20 14:41:34 +02:00
uk-bolly	48fd578ee1	Merge pull request #351 from ansible-lockdown/audit_only_fetch Audit only fetch	2025-06-20 14:41:15 +02:00
Mark Bolwell	37f4d0c9f0	fixed crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 12:15:13 +01:00
Mark Bolwell	9db79097f9	fixed crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 12:14:14 +01:00
Mark Bolwell	82cc458d7a	Fix logic and notes for in crypto policy building Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 11:32:31 +01:00
Mark Bolwell	bd1547313a	Fix logic and notes for in crypto policy building Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 11:29:53 +01:00
uk-bolly	055cb35603	Merge branch 'devel' into audit_only_fetch Signed-off-by: uk-bolly <mark.bollyuk@gmail.com>	2025-06-20 11:21:28 +02:00
Mark Bolwell	aaea8352de	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:33:29 +01:00
Mark Bolwell	379b184554	added changed_when to fix false warning errors Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:32:20 +01:00
Mark Bolwell	d2de2783a8	added ability to fetch audit and update title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:31:37 +01:00
uk-bolly	3dfa4f7e86	Merge pull request #348 from ansible-lockdown/root_user_check root password and other improvements	2025-06-19 17:28:45 +02:00
Mark Bolwell	72dfe581e9	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:27:53 +01:00
Mark Bolwell	515d5c3bf7	added changed_when to resolve false warning message Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:48 +01:00
Mark Bolwell	908ac57db7	enabled fetch report and updated title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:01 +01:00
Fred W.	3be331c0d2	Merge pull request #32 from ansible-lockdown/June25_align June25 align	2025-06-17 09:33:09 -04:00
Frederick Witty	acacb7a6bc	QA Fixes Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 17:18:08 -04:00
Frederick Witty	38a173546c	Update auditd with check_mode Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 16:49:36 -04:00
Frederick Witty	b38e7d06eb	var fixes for 1.1.2.3.x and 1.1.2.4.x Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 15:14:08 -04:00
Frederick Witty	6ced990430	Update handler naming change_requires_reboot to set reboot required Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-16 14:58:21 -04:00
Mark Bolwell	7e5fb97b9a	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:23:28 +01:00
Mark Bolwell	3ea5b92259	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:22:31 +01:00
Mark Bolwell	3173b74481	updated grep command 1.3.1.6 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:21:45 +01:00
Mark Bolwell	b65504de6b	Updated egrep Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:20:40 +01:00
Mark Bolwell	f892525a7c	5.1.10 and 5.1.11 updated variable naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:19:18 +01:00
Mark Bolwell	02008339b4	updated regex Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:18:22 +01:00
Mark Bolwell	2724faf1fc	50-redhat.conf var naming update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:17:00 +01:00
Mark Bolwell	1537bf72df	5-redhat.conf var naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:16:26 +01:00
Mark Bolwell	2eb85294c8	Updated conditionals for audit steps Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:15:42 +01:00
Mark Bolwell	ce3ae8361e	Updated logic for root password check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:14:58 +01:00
Mark Bolwell	6770e5a4ff	added check_mode false to task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:13:53 +01:00

1 2 3 4 5 ...

1161 commits