RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00

Author	SHA1	Message	Date
Michael Hicks	c88d3dec49	fixed extra line based yaml lint failing issue Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:11 -08:00
Michael Hicks	c4a97079b1	added guardrails on enabled and state flags to systemd mask tasks to only disable and stop when the package is installed, otherwise just mask to prevent the service from ever starting should it get installed at a later time. This allows hardening to proceed when the service doesn't exist but masking has been requested. Otherwise the playbook run will fail at a step when the service which comes with the package doesn't already exist Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:10 -08:00
uk-bolly	497b3dc8d9	Merge pull request #433 from ansible-lockdown/pre-commit-ci-update-config Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details [pre-commit.ci] pre-commit autoupdate	2026-03-03 09:55:07 +00:00
pre-commit-ci[bot]	e6ba3cea4a	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v26.1.1 → v26.2.0](https://github.com/ansible-community/ansible-lint/compare/v26.1.1...v26.2.0)	2026-03-02 17:47:33 +00:00
Frederick Witty	587dfb40cf	Merge pull request #429 from ansible-lockdown/pub_feb26_updates Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details Pub feb26 updates	2026-02-12 10:14:46 -05:00
Mark Bolwell	25b9934ce0	removed dup key Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-12 12:17:31 +00:00
uk-bolly	3015e2fe2f	Merge branch 'devel' into pub_feb26_updates Signed-off-by: uk-bolly <69214557+uk-bolly@users.noreply.github.com>	2026-02-12 09:54:10 +00:00
Mark Bolwell	032c75924e	Tidy up 5.3.2.1 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-12 09:49:52 +00:00
Mark Bolwell	98e89d8945	Latest fixes updates Feb26 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-12 09:15:05 +00:00
Frederick Witty	3cfcf00717	Merge pull request #63 from ansible-lockdown/Feb26_updates Update .j2 branding	2026-02-11 17:01:56 -05:00
Frederick Witty	f413385208	Update .j2 branding Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-02-11 15:39:59 -05:00
Frederick Witty	4aa09d558f	Merge pull request #61 from ansible-lockdown/Feb26_updates 2026 Feb QA Fixes	2026-02-11 15:19:20 -05:00
Frederick Witty	71206432be	QA fixes and rollback of audit_only logic Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-02-11 14:54:30 -05:00
uk-bolly	15ebe5500b	Merge pull request #428 from draygoX/devel Some checks are pending Export Public Repo Badges / export-badges (push) Waiting to run Details Move rhel9cis_ipv6_disable_method to a better location	2026-02-11 09:32:37 +00:00
Frederick Witty	11becb32c5	QA Fixes Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-02-10 16:01:05 -05:00
Frederick Witty	a6aa5895d5	Merge pull request #60 from ansible-lockdown/Feb26_updates Enhance documents for password hash	2026-02-06 10:24:39 -05:00
Mark Bolwell	2863be6c02	tidied up comments to make it simpler Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-06 14:16:29 +00:00
Mark Bolwell	591f0d90f4	Updated comments for password hash and variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-06 12:49:05 +00:00
Frederick Witty	0a77d6859f	Merge pull request #59 from ansible-lockdown/Feb26_updates Feb26 updates	2026-02-05 16:01:24 -05:00
Mark Bolwell	3442801399	tidy up of variables and warning for bootloader password Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-05 20:29:37 +00:00
Mark Bolwell	9a3f458db0	Updated bootloader password logic and enabled old methods without change Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-05 18:10:29 +00:00
Mark Bolwell	9b091984db	updated logic to allow manual hash to be added or filter Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-05 17:53:55 +00:00
Mark Bolwell	f1786fe20f	added passlib dependency documentation Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-05 10:39:04 +00:00
Mark Bolwell	83ee942ecf	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-03 09:18:36 +00:00
Mark Bolwell	943b570484	incorporated PR 345 thanks to @thulium-drake Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-03 09:01:55 +00:00
Mark Bolwell	c7567a98ac	fixed tags and audit logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-03 08:57:45 +00:00
Mark Bolwell	eb9c96f335	Updated Company title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-01 20:13:34 +00:00
Mark Bolwell	2708a28409	removed schedule tasks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-01 20:09:48 +00:00
Mark Bolwell	3e27eb88de	Updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-01 20:09:10 +00:00
Mark Bolwell	db0b08762e	fixed typo thats to Eugene @Frequentis Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-01 19:54:22 +00:00
Mark Bolwell	63d2ce7d2d	removed legacy option Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2026-02-01 19:53:50 +00:00
draygoX	8126665a02	Move rhel9cis_ipv6_disable_method to a better location Signed-off-by: draygoX <90591954+draygoX@users.noreply.github.com>	2026-01-30 08:48:00 -06:00
uk-bolly	e6a29ab36d	Merge pull request #426 from ansible-lockdown/pre-commit-ci-update-config Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details [pre-commit.ci] pre-commit autoupdate	2026-01-22 08:48:58 +00:00
uk-bolly	d3f24d9d94	Merge pull request #420 from bol7742/patch-1 fix: make 5.3.2.2 idempotent with 5.3.3.1.1	2026-01-22 08:48:38 +00:00
pre-commit-ci[bot]	c1f4b780be	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/ansible-community/ansible-lint: v25.12.2 → v26.1.1](https://github.com/ansible-community/ansible-lint/compare/v25.12.2...v26.1.1) - [github.com/adrienverge/yamllint.git: v1.37.1 → v1.38.0](https://github.com/adrienverge/yamllint.git/compare/v1.37.1...v1.38.0)	2026-01-19 17:44:50 +00:00
Frederick Witty	6b986a7352	Merge pull request #57 from ansible-lockdown/2026Jan_Updates 2026 Jan Updates: Public Issue fixes, Lic Year and Linting	2026-01-08 16:41:35 -05:00
Frederick Witty	e65df16f67	Update 3.1.1 Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:33:16 -05:00
Frederick Witty	173fbd3254	Linting Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:26:24 -05:00
Frederick Witty	10f88cc1a3	update vars to rhel9 Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:13:07 -05:00
Frederick Witty	309ff4cdd7	Fixes from Public Issue 418 and 419 + Lic year Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 14:08:35 -05:00
Frederick Witty	b2d08552c5	Merge pull request #425 from ansible-lockdown/2026Jan_Updates Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details 2026 Jan Updates	2026-01-08 13:50:20 -05:00
Frederick Witty	02132181e6	update changelog Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 12:24:44 -05:00
Frederick Witty	22a9b085d7	fix for #419 , thank you @aaronk1 Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 12:23:40 -05:00
Frederick Witty	87cd0f3eb5	fix for #418 and update Lic year Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2026-01-08 09:40:08 -05:00
Frederick Witty	2d02d8b048	Merge pull request #56 from ansible-lockdown/benchmark_v2.0.0 Benchmark v2.0.0 Sync	2025-12-30 14:42:39 -05:00
Frederick Witty	fb74617694	Merge pull request #55 from ansible-lockdown/disable_ipv6_improvements Update audit vars to add rhel9cis_ipv6_disable_method	2025-12-30 10:19:52 -05:00
Frederick Witty	923cba3ca5	Merge pull request #424 from ansible-lockdown/issue_416_fix Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details Issue 416: update changelog and ansible_vars_goss	2025-12-30 10:18:50 -05:00
Frederick Witty	5d1143ff87	Update changelog Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2025-12-30 08:21:47 -05:00
Frederick Witty	fefd2c94b2	Update ansible_vars_goss with var rhel9cis_ipv6_disable_method Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2025-12-30 08:17:57 -05:00
Frederick Witty	ac83c8cf35	Update audit vars to add rhel9cis_ipv6_disable_method: {{ rhel9cis_ipv6_disable_method }} Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>	2025-12-29 17:18:05 -05:00

1 2 3 4 5 ...

1381 commits