RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00

Author	SHA1	Message	Date
Joachim la Poutré	4d749d988d	Update cis_1.8.x.yml Corrected tag rule_1.8.10 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com>	2024-01-03 11:13:32 +01:00
Joachim la Poutré	1e55d86001	Update cis_1.3.x.yml Correction to "when": 1_3_3 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com>	2024-01-03 11:12:06 +01:00
uk-bolly	6f8a95c73a	Merge pull request #143 from siemens/siemens/feat/4.2.1.3conditionalAndSectionHeader Siemens/feat/4.2.1.3conditional and section header	2023-12-21 08:40:41 +00:00
uk-bolly	e545b89c7b	Merge pull request #145 from siemens/siemens/feat/5.4.2_addVarUsage Using rhel9cis_authselect['options'], otherwise not used at all	2023-12-21 08:39:48 +00:00
Ionut Pruteanu	ca41b128cd	Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-20 22:21:14 +02:00
Ionut Pruteanu	88ffe32137	Storing max_log_file under `rhel9cis_auditd` dict variable. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-20 21:58:49 +02:00
uk-bolly	145ac85e52	Merge pull request #103 from Corey0219/update-4-2-3 find hidden files in /var/log for 4.3.2	2023-12-20 09:48:47 +00:00
Corey Reid	8d85f178e2	find hidden files in /var/log for 4.3.2 Signed-off-by: Corey Reid <corey.nathan.reid@gmail.com>	2023-12-17 17:36:34 +00:00
uk-bolly	c56ea1ac9a	Merge pull request #140 from siemens/siemens/feat/3.4.2.5_fixConditional 3.4.2.5 conditional fix	2023-12-13 08:44:08 +00:00
uk-bolly	82d1c2bdfb	Merge pull request #138 from siemens/siemens/feat/2.3.4_fixConditional Using correct conditional for ftpd	2023-12-13 08:43:07 +00:00
uk-bolly	779c90ea0e	Merge pull request #136 from siemens/siemens/feat/2.2.16_fixingNFSLogicBetweenMaskingServiceVsRemovingPackage Masking service when server package is needed	2023-12-13 08:42:33 +00:00
uk-bolly	74f21e5303	Merge pull request #133 from siemens/siemens/feat/timeoutValueDefinedNotUsed Timeout value defined in defaults/main.yml file not used	2023-12-13 08:40:02 +00:00
uk-bolly	ecbd514df1	Merge pull request #129 from siemens/siemens/feat/removingRedundantConditionals Removing redundant conditional statements	2023-12-13 08:27:49 +00:00
uk-bolly	998eaf30ba	Merge pull request #121 from dulin/fix-chrony Fixed chrony configuration options	2023-12-13 08:23:13 +00:00
uk-bolly	d022977723	Merge pull request #127 from ansible-lockdown/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-12-13 08:20:34 +00:00
uk-bolly	b7936bc633	Merge pull request #122 from senihucar/patch-1 Update cis_5.6.1.x.yml	2023-12-13 08:19:58 +00:00
Ionut Pruteanu	c19e350b7d	Using rhel9cis_authselect['options'], otherwise not used at all Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-08 16:44:30 +02:00
Ionut Pruteanu	e0de491263	whole section defined in cis_4.2.1.x.yml gets executed only `when: rhel9cis_syslog == 'rsyslog'`, having same condition is redundant and may confuse users. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-08 12:03:00 +02:00
Ionut Pruteanu	d79bba53c6	Rsyslog subsection corrected header(was using 4.2 logging name, instead of 4.2.1. rsyslog name) Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-08 12:01:10 +02:00
Ionut Pruteanu	81fd98e2c6	Using correct conditional for Task relying on 'firewall-cmd --get-active-zones' cmd Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 20:38:20 +02:00
Ionut Pruteanu	cd04537bf1	Using correct conditional for ftpd Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 18:58:02 +02:00
Ionut Pruteanu	9d988b483f	Masking service when server package is needed Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 18:10:09 +02:00
Ionut Pruteanu	4fe5f95cf7	Timeout value defined in defaults/main.yml file not used Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-05 20:40:50 +02:00
Ionut Pruteanu	b6f1703cfc	Replacing vars according to Audit needs Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-05 19:51:38 +02:00
Ionut Pruteanu	72b503bf46	Removing redundant conditional statements Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-05 14:42:51 +02:00
pre-commit-ci[bot]	f3726b8908	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v6.22.0 → v6.22.1](https://github.com/ansible-community/ansible-lint/compare/v6.22.0...v6.22.1)	2023-12-04 17:36:20 +00:00
Senih	cce2b25d80	Update cis_5.6.1.x.yml Typo fixed from: - rule_5.5.1.3 to: - rule_5.6.1.3 Signed-off-by: Senih <40578755+senihucar@users.noreply.github.com>	2023-11-23 12:02:37 -08:00
Marcin Dulinski	8b875ad228	Fixed chrony configuration options Signed-off-by: Marcin Dulinski <martin@dulin.me.uk>	2023-11-22 09:17:15 +00:00
uk-bolly	8405e67db2	Merge pull request #119 from ansible-lockdown/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-11-21 14:04:21 +00:00
uk-bolly	f56e5d33d9	Merge pull request #120 from ansible-lockdown/audit_only Audit only enhancement and goss update	2023-11-21 13:33:58 +00:00
Mark Bolwell	dc7da70b61	fixed typo Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 12:37:09 +00:00
Mark Bolwell	669f535225	updated benchmark name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 12:28:52 +00:00
Mark Bolwell	afd1c2ff01	fixed benchmark_name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 10:11:50 +00:00
Mark Bolwell	41520312e6	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 10:00:27 +00:00
Mark Bolwell	2c152b3ae5	removed dupe line Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 09:50:11 +00:00
Mark Bolwell	23a4386e95	addition of audit_only config Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 09:49:36 +00:00
Mark Bolwell	8784941179	audit variables seperated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-11-21 09:48:49 +00:00
pre-commit-ci[bot]	7d64ebbca0	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/gitleaks/gitleaks: v8.18.0 → v8.18.1](https://github.com/gitleaks/gitleaks/compare/v8.18.0...v8.18.1)	2023-11-20 17:35:48 +00:00
uk-bolly	c5a4866e1a	Merge pull request #110 from ansible-lockdown/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-11-16 14:39:49 +00:00
pre-commit-ci[bot]	d51efffd50	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/pre-commit/pre-commit-hooks: v3.2.0 → v4.5.0](https://github.com/pre-commit/pre-commit-hooks/compare/v3.2.0...v4.5.0) - [github.com/gitleaks/gitleaks: v8.17.0 → v8.18.0](https://github.com/gitleaks/gitleaks/compare/v8.17.0...v8.18.0) - [github.com/ansible-community/ansible-lint: v6.17.2 → v6.22.0](https://github.com/ansible-community/ansible-lint/compare/v6.17.2...v6.22.0) - [github.com/adrienverge/yamllint.git: v1.32.0 → v1.33.0](https://github.com/adrienverge/yamllint.git/compare/v1.32.0...v1.33.0)	2023-11-13 17:46:18 +00:00
root@DERVISHx	c6a51ad38a	Adding new entry in /etc/pam.d/system-auth Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>	2023-11-10 15:28:12 +00:00
uk-bolly	50c8945565	Merge pull request #108 from ansible-lockdown/workflow_galaxy updated workflow for galaxy and versions	2023-10-31 16:47:12 +00:00
Mark Bolwell	df36a1e7af	updated workflow for galaxy and versions Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-10-31 15:21:19 +00:00
Bernd Grobauer	646b4decc1	Adding missing lines to sysctl.d/50-default.conf Signed-off-by: Bernd Grobauer <bernd.grobauer@siemens.com>	2023-10-12 12:56:20 +02:00
uk-bolly	9fa57a2b41	Merge pull request #100 from ansible-lockdown/collections updated collections	2023-10-10 15:53:51 +01:00
Mark Bolwell	c4714f5807	updated collections Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-10-06 22:02:41 +01:00
uk-bolly	3525cb6aab	Merge pull request #99 from ansible-lockdown/umask updated 5.6.5	2023-09-22 12:49:48 +01:00
Mark Bolwell	729fac3580	updated 5.6.5 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-22 08:44:43 +01:00
uk-bolly	60f756adb5	Merge pull request #98 from ansible-lockdown/sept_lint Sept lint	2023-09-21 16:47:33 +01:00
Mark Bolwell	076c02ea92	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 16:26:28 +01:00

1 2 3 4 5 ...

778 commits