RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00

Author	SHA1	Message	Date
Michael Hicks	c4a97079b1	added guardrails on enabled and state flags to systemd mask tasks to only disable and stop when the package is installed, otherwise just mask to prevent the service from ever starting should it get installed at a later time. This allows hardening to proceed when the service doesn't exist but masking has been requested. Otherwise the playbook run will fail at a step when the service which comes with the package doesn't already exist Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:10 -08:00
Frederick Witty	71206432be	QA fixes and rollback of audit_only logic Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-02-11 14:54:30 -05:00
Frederick Witty	e65df16f67	Update 3.1.1 Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:33:16 -05:00
George Nalen	7ff8e7b6b9	Updated disable IPv6 logic Signed-off-by: George Nalen <georgen@mindpointgroup.com>	2025-12-23 11:20:21 -05:00
Mark Bolwell	f2c03f1e68	variable networkmanager package and typo fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:11:36 +01:00
Mark Bolwell	7b1c8e9ef0	additional fix for #309 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-03-31 12:37:58 +01:00
Mark Bolwell	2de8a39cdc	updated yamllint, company naming, linting and spacing Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-04 12:00:12 +00:00
Mark Bolwell	14d038e8eb	renamed variables Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 17:36:07 +01:00
Mark Bolwell	f1c4d96412	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-07-24 14:00:00 +01:00
uk-bolly	f8fcfe0e78	April_24 updates (#201 ) * Issue #170, PR #181 thanks to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * issue #182, PR #183 thansk to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PR #180 thanks to @ipruteanu-sie and @raabf Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Addressed PR #165 thanks to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PT #184 addressed thansk to @ipruteanu-sie Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated credits Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * typo and ssh allow_deny comments Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * enable OS check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * PR - #198 addressed thanks to @brakkio86 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Addressed issue #190 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Additional vars for issue #190 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated pre-commit version Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * consistent quotes around mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * moved audit added discoveries Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed unneeded vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * audit moved to prelim Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * improved new variable usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed logic 6.2.10 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * addressed #197 thanks to @mark-tomich Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updates for audit section Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added prelim to includes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-04-15 14:02:07 +01:00
Mark Bolwell	e82b2cefac	quoted file mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 16:25:59 +01:00
Mark Bolwell	af20f70f24	updated test Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 14:57:25 +01:00
Mark Bolwell	0ad7bf4848	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-07-26 16:50:48 +01:00
Mark Bolwell	58d3bb4e41	updated var naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-01 09:17:38 +00:00
Mark Bolwell	e59e72e3d1	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 12:10:10 +00:00
Mark Bolwell	10a6a2e0dd	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 11:36:12 +00:00
Mark Bolwell	7760f35161	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 10:01:14 +00:00
Mark Bolwell	0350e234fe	rhel_09 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-24 11:02:32 +00:00
Mark Bolwell	184832d2ac	update blacklist Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 11:28:53 +00:00
Mark Bolwell	acf0104f7a	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 12:10:18 +00:00
Mark Bolwell	3321547bfa	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 13:38:50 +00:00
Mark Bolwell	cb0dd58df5	updated for v1.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-10 11:18:45 +00:00
Kristian	fc407f8329	tss user and spacing Signed-off-by: Kristian <kris9854@gmail.com>	2022-09-27 17:15:49 +02:00
Mark Bolwell	1992eea6da	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:19:01 +01:00
Mark Bolwell	33ebfea653	sysctl control improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-06-20 17:03:18 +01:00
Mark Bolwell	13a6746997	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:24:47 +01:00
Mark Bolwell	96abe45eb2	fix template path Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:06 +01:00
Mark Bolwell	fef891dc1b	tidy up sysctl templates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:14:13 +01:00
Mark Bolwell	c85e9ba43f	updated ipv6 rules Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:36:36 +01:00
Mark Bolwell	8c79bfe7fb	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:22:30 +01:00
Mark Bolwell	a54b5216eb	Initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-07 09:06:18 +00:00

31 commits