RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-26 06:37:11 +00:00

Author	SHA1	Message	Date
Michael Hicks	c88d3dec49	fixed extra line based yaml lint failing issue Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:11 -08:00
Michael Hicks	c4a97079b1	added guardrails on enabled and state flags to systemd mask tasks to only disable and stop when the package is installed, otherwise just mask to prevent the service from ever starting should it get installed at a later time. This allows hardening to proceed when the service doesn't exist but masking has been requested. Otherwise the playbook run will fail at a step when the service which comes with the package doesn't already exist Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2026-03-04 11:42:10 -08:00
Mark Bolwell	cedf510b94	addressed #309 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-03-31 12:36:27 +01:00
Mark Bolwell	b616f70d86	addressed #306 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-03-31 12:35:07 +01:00
Mark Bolwell	82f7b53a67	Merge branch 'lint_dec24' into alignment Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 13:36:08 +00:00
Mark Bolwell	6cc43202c8	removed empty line Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 13:11:39 +00:00
Mark Bolwell	88ac5c3d65	Lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 11:49:02 +00:00
Mark Bolwell	2de8a39cdc	updated yamllint, company naming, linting and spacing Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-04 12:00:12 +00:00
Mark Bolwell	14d038e8eb	renamed variables Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 17:36:07 +01:00
Mark Bolwell	89345c12f8	rename snmp var Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-08-09 13:13:35 +01:00
Mark Bolwell	f1c4d96412	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-07-24 14:00:00 +01:00
Mark Bolwell	a53569a474	section 2 v2.0.0 update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-07-22 12:43:35 +01:00
Mark Bolwell	bad08c0228	section2 v2.0.0 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-07-22 12:43:08 +01:00
Svennd	2c09971cc2	2.4 : socket vs sockets This looks for all active sockets, but the command is singular Signed-off-by: Svennd <svenn.dhert@uantwerpen.be>	2024-05-22 10:28:56 +02:00
uk-bolly	82d1c2bdfb	Merge pull request #138 from siemens/siemens/feat/2.3.4_fixConditional Using correct conditional for ftpd	2023-12-13 08:43:07 +00:00
Ionut Pruteanu	cd04537bf1	Using correct conditional for ftpd Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 18:58:02 +02:00
Ionut Pruteanu	9d988b483f	Masking service when server package is needed Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-07 18:10:09 +02:00
Mark Bolwell	e82b2cefac	quoted file mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 16:25:59 +01:00
Mark Bolwell	580ee762ee	fix filename Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:35:35 +01:00
Mark Bolwell	c5ed197e03	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:07:52 +01:00
Mark Bolwell	a67a484971	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 14:55:55 +01:00
Luca Berton	9709779492	Fix 2.2.14 Corrected rule 2.2.14 Ensure dnsmasq is not installed (Automated). Signed-off-by: Luca Berton <luca@ansiblepilot.com>	2023-07-06 21:30:09 +02:00
Mark Bolwell	42b9dc9e89	Linting Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-20 15:16:15 +00:00
Mark Bolwell	10f3a025d2	gui fix 2.2.1 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-20 13:33:12 +00:00
Mark Bolwell	cb609c1f1a	fqcn update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 13:31:53 +00:00
Mark Bolwell	50d4cd83aa	Removed -automated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 14:15:50 +00:00
Mark Bolwell	acf0104f7a	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 12:10:18 +00:00
Mark Bolwell	3ead0d63ac	warn control count updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 11:05:25 +00:00
Mark Bolwell	50e24dfac1	v1.0.0 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-09 16:30:02 +00:00
Mark Bolwell	1992eea6da	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:19:01 +01:00
Mark Bolwell	6b6a4a32c8	added warning count Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-20 17:13:33 +01:00
Mark Bolwell	2ecc61649e	Std Warning msg Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-05-11 11:19:50 +01:00
Mark Bolwell	82d1d18504	consistent lineinfile usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-06 16:58:03 +01:00
Mark Bolwell	7374c37510	updates var naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-06 16:31:57 +01:00
Mark Bolwell	13a6746997	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:24:47 +01:00
Mark Bolwell	b3a6f89ae0	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:30:40 +01:00
Mark Bolwell	9a0ac22331	fix tag typo Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 16:20:27 +01:00
Mark Bolwell	b4eefdbdd3	2.2.18 update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:14:24 +01:00
Mark Bolwell	8b8aef291b	updated masked options Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 14:40:58 +01:00
Mark Bolwell	4dfacd9e3b	updated server/service vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 12:50:41 +01:00
Mark Bolwell	f0c4701dbd	updated controls Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 15:26:13 +01:00
Mark Bolwell	8c79bfe7fb	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:22:30 +01:00
Mark Bolwell	dc5f71d461	removed not required files Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:09:55 +01:00
Mark Bolwell	f808f30173	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:08:18 +01:00
uk-bolly	02a36f7f8d	Fix in logic for Alma (#4 ) * container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed reboot var Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed skip_reboot var name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * masked only Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * remove debug update logic 6.2.8 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed CentOS Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-02 11:25:03 +00:00
Mark Bolwell	54f4e0b4b8	boolean variable true/false Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 16:51:17 +00:00
Mark Bolwell	95d8152603	added args warn for shell Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 12:08:30 +00:00
Mark Bolwell	819c942d8f	updated include/import tasks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 11:27:38 +00:00
Mark Bolwell	a54b5216eb	Initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-07 09:06:18 +00:00

49 commits