Merge pull request #432 from ansible-lockdown/devel

Latest main release
Merge pull request #427 from ansible-lockdown/devel
2026-03-26 22:47:12 +00:00 · 2026-02-27 11:43:24 +00:00 · 2026-01-26 12:00:22 +00:00 · 2025-10-17 10:56:49 -04:00 · 2025-07-18 12:21:14 -04:00 · 2025-07-02 10:50:59 -04:00
4 changed files with 3 additions and 12 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -48,7 +48,7 @@ repos:
    name: Run Gitleaks test
 - repo: https://github.com/ansible-community/ansible-lint
-  rev: v26.3.0
+  rev: v26.1.1
  hooks:
  - id: ansible-lint
    name: Ansible-lint
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -959,13 +959,6 @@ rhel9cis_ssh_maxsessions: 4
 # This variable defines the path and file name of the sudo log file.
 rhel9cis_sudolog_location: "/var/log/sudo.log"
 ## Control 5.2.4 - Ensure users must provide password for escalation
 # The following variable specifies a list of users that should not be required to provide a password
 # for escalation. Feel free to edit it according to your needs.
 rhel9cis_sudoers_exclude_nopasswd_list:
  - ec2-user
  - vagrant
 ## Control 5.2.x - Ensure sudo authentication timeout is configured correctly
 # This variable sets the duration (in minutes) during which a user's authentication credentials
 # are cached after successfully authenticating using "sudo". This allows the user to execute
@ -1111,7 +1104,7 @@ rhel9cis_passwd_dictcheck_file: etc/security/pwquality.conf.d/50-pwdictcheck.con
 rhel9cis_passwd_dictcheck_value: 1
 # 5.3.3.2.7 - Ensure password quality is enforced for the root user
-rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwroot.conf  # pragma: allowlist secret
+rhel9cis_passwd_quality_enforce_file: etc/security/pwquality.conf.d/50-pwquality_enforce.conf  # pragma: allowlist secret
 rhel9cis_passwd_quality_enforce_value: 1
 rhel9cis_passwd_quality_enforce_root_value: enforce_for_root  # pragma: allowlist secret
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
@ -259,8 +259,6 @@
 - name: "PRELIM | PATCH | sshd_config.d/50-redhat.conf exists"
  when: rhel9cis_rule_5_1_10 or rhel9cis_rule_5_1_11
  tags:
    - always
  ansible.builtin.stat:
    path: /etc/ssh/sshd_config.d/50-redhat.conf
  register: prelim_sshd_50_redhat_file
--- a/tasks/section_5/cis_5.3.3.2.x.yml
+++ b/tasks/section_5/cis_5.3.3.2.x.yml
@ -340,7 +340,7 @@
        - system
      notify: Authselect update
- name: "5.3.3.2.7 | PATCH | Ensure password quality is enforced for the root user"
+- name: "5.3.3.2.7 | PATCH | Ensure password quality checking is enforced"
  when: rhel9cis_rule_5_3_3_2_7
  tags:
    - level1-server
Author	SHA1	Message	Date
uk-bolly	b98381fcd8	Merge pull request #432 from ansible-lockdown/devel Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details Latest main release	2026-02-27 11:43:24 +00:00
uk-bolly	663f84d1fe	Merge pull request #427 from ansible-lockdown/devel Some checks failed Export Public Repo Badges / export-badges (push) Has been cancelled Details Release to main	2026-01-26 12:00:22 +00:00
Frederick Witty	9bab97dccc	Merge pull request #407 from ansible-lockdown/devel Latest fixed to merge with main	2025-10-17 10:56:49 -04:00
Fred W.	751fac8a0c	Merge pull request #368 from ansible-lockdown/devel July 25 Release to main	2025-07-18 12:21:14 -04:00
jjoympg	25b4bb780c	Merge pull request #355 from ansible-lockdown/devel Merge latest into devel	2025-07-02 10:50:59 -04:00
uk-bolly	3d502efaef	Merge pull request #307 from ansible-lockdown/devel Updates to benchmark v2.0.0	2025-03-18 09:22:32 +00:00
uk-bolly	f4a0bca52a	Merge pull request #290 from ansible-lockdown/devel CIS V2 release to main	2025-02-14 10:44:12 +00:00
uk-bolly	ef2b7dca5d	Merge pull request #267 from ansible-lockdown/devel CIS v1.0.0 final release to main	2024-12-19 15:07:56 +00:00
uk-bolly	81a929961a	Merge pull request #259 from ansible-lockdown/devel CIS v1.0.0 updates Nov 2024	2024-11-19 18:11:52 +00:00
uk-bolly	16cb6a4617	Merge pull request #235 from ansible-lockdown/devel rhel9-cis main release v1.0.0	2024-09-10 15:45:16 +01:00
uk-bolly	151896e113	Merge pull request #213 from ansible-lockdown/devel Update to galaxy meta	2024-06-11 13:02:59 +01:00
uk-bolly	306eb59b88	Merge pull request #210 from ansible-lockdown/devel Release to main	2024-06-10 12:49:41 +01:00
uk-bolly	7661bc0963	Merge pull request #205 from ansible-lockdown/devel Release to main	2024-05-01 13:53:19 +01:00
uk-bolly	00e6f196b5	Merge pull request #89 from ansible-lockdown/devel workflow check run	2023-08-10 14:25:08 +01:00
uk-bolly	4567a0baad	Merge pull request #86 from ansible-lockdown/devel Readme layout update	2023-08-09 16:08:19 +01:00
uk-bolly	10dc297e9a	Merge pull request #84 from ansible-lockdown/devel devel to main release	2023-08-09 14:34:53 +01:00
uk-bolly	21a886a81c	Merge pull request #64 from ansible-lockdown/devel Devel to main - bug fixes	2023-06-06 14:40:39 +01:00
uk-bolly	759bbbad7e	Merge pull request #49 from ansible-lockdown/devel Galaxy Compliance	2023-03-21 21:11:51 +00:00
uk-bolly	8bbccd6b62	Merge pull request #47 from ansible-lockdown/devel Merge to Main galaxy workflow	2023-03-21 16:35:53 +00:00
uk-bolly	beaeb3a181	Merge pull request #45 from ansible-lockdown/devel Initial 1.0 release CIS 1.0	2023-03-21 15:39:53 +00:00