RHEL9-CIS

ansible-lockdown/RHEL9-CIS

Fork 1

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00

Commit graph

4fe5f95cf7

Timeout value defined in defaults/main.yml file not used Ionut Pruteanu 2023-12-05 20:40:50 +02:00
b6f1703cfc

Replacing vars according to Audit needs Ionut Pruteanu 2023-12-05 19:51:38 +02:00
72b503bf46

Removing redundant conditional statements Ionut Pruteanu 2023-12-05 14:42:51 +02:00
f3726b8908

[pre-commit.ci] pre-commit autoupdate pre-commit-ci[bot] 2023-12-04 17:36:20 +00:00
34b052196c

Document variables in defaults/main.yml, Fix 5 from devel root@DERVISHx 2023-11-29 15:50:23 +00:00
a2162dbd1b

Document variables in defaults/main.yml, Fix 2. root@DERVISHx 2023-11-24 15:38:40 +00:00
cce2b25d80

Update cis_5.6.1.x.yml Senih 2023-11-23 12:02:37 -08:00
8b875ad228

Fixed chrony configuration options Marcin Dulinski 2023-11-22 09:17:15 +00:00
8405e67db2

Merge pull request #119 from ansible-lockdown/pre-commit-ci-update-config uk-bolly 2023-11-21 14:04:21 +00:00
f56e5d33d9

Merge pull request #120 from ansible-lockdown/audit_only uk-bolly 2023-11-21 13:33:58 +00:00
dc7da70b61

fixed typo Mark Bolwell 2023-11-21 12:37:09 +00:00
669f535225

updated benchmark name Mark Bolwell 2023-11-21 12:28:06 +00:00
afd1c2ff01

fixed benchmark_name Mark Bolwell 2023-11-21 10:11:08 +00:00
41520312e6

updated Mark Bolwell 2023-11-21 10:00:27 +00:00
2c152b3ae5

removed dupe line Mark Bolwell 2023-11-21 09:50:11 +00:00
23a4386e95

addition of audit_only config Mark Bolwell 2023-11-21 09:49:36 +00:00
8784941179

audit variables seperated Mark Bolwell 2023-11-21 09:48:49 +00:00
7d64ebbca0

[pre-commit.ci] pre-commit autoupdate pre-commit-ci[bot] 2023-11-20 17:35:48 +00:00
c5a4866e1a

Merge pull request #110 from ansible-lockdown/pre-commit-ci-update-config uk-bolly 2023-11-16 14:39:49 +00:00
81594cbb80 Test inject facts as vars in CI Will Szumski 2023-11-15 18:13:22 +00:00
4cbbf8dfd8 Fix inject_facts_as_vars Will Szumski 2023-11-15 18:04:28 +00:00
1c15bb8f59

Adding solution for users with passwords. Fix block. root@DERVISHx 2023-11-15 11:24:51 +00:00
d51efffd50

[pre-commit.ci] pre-commit autoupdate pre-commit-ci[bot] 2023-11-13 17:46:18 +00:00
c6a51ad38a

Adding new entry in /etc/pam.d/system-auth root@DERVISHx 2023-11-10 15:28:12 +00:00
73dc65db12

Adding solution for users with passwords. root@DERVISHx 2023-11-10 15:03:04 +00:00
e54ddf59fa

Adding solution for users with passwords. root@DERVISHx 2023-11-10 14:59:55 +00:00
9c12cc07b2

Ensure min/max days between password changes. root@DERVISHx 2023-11-02 16:39:57 +00:00
50c8945565

Merge pull request #108 from ansible-lockdown/workflow_galaxy uk-bolly 2023-10-31 16:47:12 +00:00
df36a1e7af

updated workflow for galaxy and versions Mark Bolwell 2023-10-31 15:21:19 +00:00
0856639ab5

5.6.1.x Test with shell. root@DERVISHx 2023-10-25 15:03:43 +01:00
f00896e291

Fix syntax in cis_5.6.x.yml. root@DERVISHx 2023-10-20 09:25:21 +01:00
1f7b57f171 Revert "Fix sintax Error on cis_5.2.x.yml" root@DERVISHx 2023-10-20 09:17:49 +01:00
be0a0de9d1 Merge branch 'siemens/feat/ensure_SSH_access_is_limited_5_2_4' into 'siemens/rhel9/devel' Nuno Carvalho 2023-10-17 16:43:21 +02:00
d1721f5056

Add SSH Variables the proper way, fix vars. root@DERVISHx 2023-10-17 15:33:02 +01:00
8c7d8f1423

Add SSH Variables the proper way, condition entries correct. root@DERVISHx 2023-10-17 15:28:13 +01:00
29828974d0 Merge branch 'siemens/feat/ensure_default_umask_027_5_6_5' into 'siemens/rhel9/devel' Nuno Carvalho 2023-10-17 16:10:53 +02:00
2dadff76dc

Add SSH Variables the proper way, condition entries correct. root@DERVISHx 2023-10-17 15:08:11 +01:00
e4e0b9d0a3

Add SSH Variables the proper way, condition entries correct. root@DERVISHx 2023-10-17 14:17:00 +01:00
0b6d7833c7 Merge branch 'siemens/feat/ensure_default_umask_027_5_6_5' of code.siemens.com:infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis into siemens/feat/ensure_default_umask_027_5_6_5 root@DERVISHx 2023-10-17 13:26:47 +01:00
fa0b19cc5c Merge branch 'siemens/feat/ensure_SSH_access_is_limited_5_2_4' into 'siemens/rhel9/devel' Nuno Carvalho 2023-10-17 14:13:16 +02:00
5ab4a1c0ed

Add SSH Variables the proper way, condition entries correct. root@DERVISHx 2023-10-17 13:11:16 +01:00
aa4c427c54

Fix sintax Error on cis_5.2.x.yml root@DERVISHx 2023-10-16 18:26:04 +01:00
8319a028d8

Fix sintax Error on cis_5.2.x.yml root@DERVISHx 2023-10-16 14:51:34 +01:00
829766b949 Update cis_5.6.x.yml Nuno Carvalho 2023-10-16 15:42:54 +02:00
ae31f4ff8e Merge branch 'siemens/feat/ensure_default_umask_027_5_6_5' into 'siemens/rhel9/devel' Nuno Carvalho 2023-10-12 20:11:24 +02:00
154959af62

Adding new entry in /etc/pam.d/system-auth root@DERVISHx 2023-10-12 16:07:46 +01:00
76774003d5 Merge branch 'siemens/feat/reverse_path_filtering_3_3_7' into 'siemens/rhel9/devel' Bernd Grobauer 2023-10-12 13:00:31 +02:00
646b4decc1

Adding missing lines to sysctl.d/50-default.conf Bernd Grobauer 2023-10-12 12:56:20 +02:00
7a44e6b525 Merge branch 'devel' of https://github.com/brisky/RHEL9-CIS into devel root@DERVISHx 2023-10-10 16:56:45 +01:00
81c64730d0 was a test ignore. root@DERVISHx 2023-10-10 16:56:37 +01:00
9643e234cf Fancy 3.3.7, fix 5.6.5 root@DERVISHx 2023-10-10 16:56:00 +01:00
9fa57a2b41

Merge pull request #100 from ansible-lockdown/collections uk-bolly 2023-10-10 15:53:51 +01:00
aaa05fa672 5.6.5 Force umask sessions /etc/pam.d/system-auth root@DERVISHx 2023-10-10 14:07:53 +01:00
9d82d67577 5.6.5 Force umask on /etc/pam.d/system-aut root@DERVISHx 2023-10-10 14:06:32 +01:00
19460998b5 check source from git. root@DERVISHx 2023-10-10 13:34:50 +01:00
36335988ea Merge branch 'devel' of https://github.com/brisky/RHEL9-CIS into devel root@DERVISHx 2023-10-10 09:56:15 +01:00
3f835628c0 Fix 3_3_7 and 5_2_20 root@DERVISHx 2023-10-10 09:52:26 +01:00
c4714f5807

updated collections Mark Bolwell 2023-10-06 22:02:41 +01:00
63118b9b04 From rsyslog to jornald fix for 3.3.7 Removed unneded 4.2.1.x root@DERVISHx 2023-10-04 18:07:07 +01:00
d4177e98f6 4.2.2.3/4 journald compress & persistent. root@DERVISHx 2023-10-03 16:28:15 +01:00
3525cb6aab

Merge pull request #99 from ansible-lockdown/umask uk-bolly 2023-09-22 12:49:48 +01:00
729fac3580

updated 5.6.5 Mark Bolwell 2023-09-22 08:44:43 +01:00
60f756adb5

Merge pull request #98 from ansible-lockdown/sept_lint uk-bolly 2023-09-21 16:47:33 +01:00
076c02ea92

updated Mark Bolwell 2023-09-21 16:26:28 +01:00
e82b2cefac

quoted file mode Mark Bolwell 2023-09-21 16:25:59 +01:00
35dfa8770a

updated Mark Bolwell 2023-09-21 15:45:49 +01:00
11071a66ab

added pragma allowed Mark Bolwell 2023-09-21 15:36:05 +01:00
580ee762ee

fix filename Mark Bolwell 2023-09-21 15:35:35 +01:00
061483f15e

updated Mark Bolwell 2023-09-21 15:11:24 +01:00
e5d17f74ca

import_tasks file added Mark Bolwell 2023-09-21 15:08:37 +01:00
c5ed197e03

import_tasks file added Mark Bolwell 2023-09-21 15:07:52 +01:00
af20f70f24

updated test Mark Bolwell 2023-09-21 14:57:25 +01:00
a67a484971

import_tasks file added Mark Bolwell 2023-09-21 14:55:55 +01:00
e202d4bd68

lint updates Mark Bolwell 2023-09-21 14:55:00 +01:00
4072c5433f

Merge pull request #97 from ansible-lockdown/goss_version uk-bolly 2023-09-18 15:55:33 +01:00
f25110de0d

Merge branch 'devel' into goss_version Mark Bolwell 2023-09-18 14:13:32 +01:00
9c84884357

updated Mark Bolwell 2023-09-18 14:02:50 +01:00
f6fd7e02d3

git audit binary version updated Mark Bolwell 2023-09-18 14:02:44 +01:00
a3b12b71fb

Merge pull request #96 from ansible-lockdown/rule_1.8.1.1 uk-bolly 2023-09-18 13:41:26 +01:00
64416d59b7

updated discord link Mark Bolwell 2023-09-18 09:58:01 +01:00
d64414ce9b

updated test and control Mark Bolwell 2023-09-18 09:51:56 +01:00
7bb4040e04

Merge pull request #95 from ansible-lockdown/discord_link_update uk-bolly 2023-09-15 15:36:56 +01:00
279023d026

updated Mark Bolwell 2023-09-15 15:31:35 +01:00
18a44fc18e

Merge pull request #93 from ansible-lockdown/sept23 uk-bolly 2023-09-13 14:32:39 +01:00
43a339c74f

new var rhel9cis_rhel_default_repo Mark Bolwell 2023-09-07 14:23:12 +01:00
95140d3247

updated due to changes Mark Bolwell 2023-09-07 14:19:48 +01:00
371a797516

Fix file path to /etc/group Igor Šobot 2023-09-07 14:40:25 +02:00
8bd1767577

updated typos Mark Bolwell 2023-09-06 12:46:40 +01:00
3f32f9c58c

updated typos Mark Bolwell 2023-09-06 12:42:30 +01:00
18e59d32f1

more ansible_facst referenced #54 Mark Bolwell 2023-09-06 09:55:27 +01:00
7c7902772f

updated Mark Bolwell 2023-09-06 09:50:22 +01:00
04cb2e0f1d

#54 merged into new layout Mark Bolwell 2023-09-06 08:44:23 +01:00
8f3150e6c9

#60 addressed for ipb6 Mark Bolwell 2023-09-06 08:27:34 +01:00
00e6f196b5

Merge pull request #89 from ansible-lockdown/devel v1.1.0 uk-bolly 2023-08-10 14:25:08 +01:00
f683323262

Merge pull request #88 from ansible-lockdown/workflow_run uk-bolly 2023-08-10 14:13:01 +01:00
60e2ec5795

Added comment for os_check var Mark Bolwell 2023-08-10 13:55:18 +01:00
1f00849f3c

secrets update Mark Bolwell 2023-08-10 13:55:02 +01:00
438fc01630

Merge pull request #87 from ansible-lockdown/tidy_up uk-bolly 2023-08-10 12:35:24 +01:00
73cf599e48

removed quotes not required Mark Bolwell 2023-08-10 08:28:43 +01:00
65207ed2cf

Merge branch 'devel' into tidy_up Mark Bolwell 2023-08-10 08:25:14 +01:00