RHEL9-CIS

ansible-lockdown/RHEL9-CIS

Fork 1

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 07:23:07 +00:00

Commit graph

33ebfea653

sysctl control improvements Mark Bolwell 2022-06-20 17:03:18 +01:00
fb1c6e9232

added libselinux requirement Mark Bolwell 2022-06-17 11:24:14 +01:00
91da6ffaa2

updated testing Mark Bolwell 2022-06-17 11:23:57 +01:00
c0c24ec8ef

improved test with idempotency Mark Bolwell 2022-06-17 11:23:44 +01:00
70942f45ea

updated to use almalinux image Mark Bolwell 2022-06-13 17:05:20 +01:00
193fded908

removed tfstate files Mark Bolwell 2022-06-13 17:04:43 +01:00
cbe3ca1585

Merge pull request #17 from ansible-lockdown/improvements uk-bolly 2022-06-09 13:52:36 +01:00
333e1d2329

updted syslog logic for audit Mark Bolwell 2022-06-08 12:31:29 +01:00
fdb3eb6286

terraform format Mark Bolwell 2022-06-07 12:01:30 +01:00
a8446b989b

added latest rhel9 image Mark Bolwell 2022-06-07 10:23:18 +01:00
2090cc4a45

not required file Mark Bolwell 2022-06-07 10:07:26 +01:00
2c4718fb75

fix title Mark Bolwell 2022-06-07 10:07:19 +01:00
0212c6aec3

Merge pull request #16 from ansible-lockdown/improvements uk-bolly 2022-05-17 14:49:52 +01:00
93e3f7bf46

conditional and warning msg std Mark Bolwell 2022-05-11 11:20:12 +01:00
2ecc61649e

Std Warning msg Mark Bolwell 2022-05-11 11:19:50 +01:00
cbb5ff7cc2

Added git install to step Mark Bolwell 2022-05-11 11:19:33 +01:00
9368c1e17e

updated for rh9 Mark Bolwell 2022-05-11 09:57:44 +01:00
5ce4b873d7

removed rh8 checks Mark Bolwell 2022-05-11 09:57:33 +01:00
63c82f8305

Removed python 2/3 checks for rh7/8 Mark Bolwell 2022-05-11 09:42:31 +01:00
d5cce24f00

Merge pull request #14 from alewando/umask_fix uk-bolly 2022-05-11 09:38:42 +01:00
e04235263d Another version check Adam Lewandowski 2022-05-09 14:07:47 -04:00
d687cd8b44 Fix version check to not be a simple string compare Adam Lewandowski 2022-05-09 13:46:44 -04:00
b9a3e3d2c6 Fix UMASK hardening Adam Lewandowski 2022-05-09 13:47:12 -04:00
0348777c0b

Merge pull request #12 from alewando/var_defaults uk-bolly 2022-05-06 16:39:09 +01:00
581eb70b48 Restore rhel9cis_pam_faillock.remember, as it is used by rules 5.5.3 and 5.5.4 Adam Lewandowski 2022-05-06 10:59:53 -04:00
62649cb6c5 Updated rhel9cis_pam_faillock defaults to only those needed for RHEL9 Adam Lewandowski 2022-05-06 08:36:15 -04:00
85afda6413 Add missing variable defaults for 'rhel9cis_pam_faillock' Adam Lewandowski 2022-05-05 10:28:41 -04:00
e93d1ca735

Merge pull request #11 from ansible-lockdown/audit_vars uk-bolly 2022-05-04 16:32:07 +01:00
3fc813361f

fixed typo Mark Bolwell 2022-05-03 16:34:31 +01:00
627f6e291d

updated environment options Mark Bolwell 2022-05-03 10:22:00 +01:00
f36d608335

new layout Mark Bolwell 2022-04-28 17:28:50 +01:00
2585cda7bc

updated Mark Bolwell 2022-04-28 15:26:52 +01:00
71562513f7

updated Mark Bolwell 2022-04-28 15:16:11 +01:00
0d3147f2d3

updated conf Mark Bolwell 2022-04-28 15:09:14 +01:00
8b186add71

updated conf Mark Bolwell 2022-04-28 15:05:32 +01:00
816f431fb2

updated conf Mark Bolwell 2022-04-28 15:03:11 +01:00
215d96f179

updated conf Mark Bolwell 2022-04-28 15:02:04 +01:00
f767b6b1a9

updated conf Mark Bolwell 2022-04-28 14:55:44 +01:00
c7dd63bc0a

updated conf Mark Bolwell 2022-04-28 14:33:13 +01:00
a2630386b7

updated to ansible-playbook module Mark Bolwell 2022-04-28 14:31:47 +01:00
aed392c26d

updated conf Mark Bolwell 2022-04-28 14:31:08 +01:00
80a4f32a47

added initial Mark Bolwell 2022-04-28 13:44:00 +01:00
7ec8b73375

initial RTD testing Mark Bolwell 2022-04-28 12:15:53 +01:00
33cfc54a5e

Merge pull request #9 from ansible-lockdown/lint uk-bolly 2022-04-27 09:09:11 +01:00
91600af889

yamllint Mark Bolwell 2022-04-26 16:01:56 +01:00
8361791c51

Merge pull request #8 from ansible-lockdown/rh8_2.0 uk-bolly 2022-04-26 15:58:05 +01:00
32f5817007

added missing test to 3.3.7 Mark Bolwell 2022-04-26 12:01:20 +01:00
83f0fb30ec

updated regex Mark Bolwell 2022-04-26 12:01:06 +01:00
e807498ed8

updated for correct service name Mark Bolwell 2022-04-25 18:32:33 +01:00
2c9587e666

updated for rh9 only Mark Bolwell 2022-04-25 18:30:43 +01:00
9a1ab79199

updated test Mark Bolwell 2022-04-25 18:29:53 +01:00
a8602689b8

updated issues and added improvements Mark Bolwell 2022-04-25 16:58:11 +01:00
49ab8c6f9f

updates for rh9 Mark Bolwell 2022-04-11 17:40:50 +01:00
f66d271cee

controlid updates Mark Bolwell 2022-04-11 17:39:30 +01:00
2a421fcea6

logrotate changes reflected Mark Bolwell 2022-04-11 17:39:13 +01:00
4bd971fdcd

selinux updates Mark Bolwell 2022-04-11 17:38:26 +01:00
08e48fbe83

updated grub controls Mark Bolwell 2022-04-11 17:38:01 +01:00
9c519482a8

fixed typo Mark Bolwell 2022-04-07 10:04:46 +01:00
b8bb7912a1

removed iptables - not valid in rh9 Mark Bolwell 2022-04-06 17:29:57 +01:00
82d1d18504

consistent lineinfile usage Mark Bolwell 2022-04-06 16:58:03 +01:00
02d686f920

removed default state Mark Bolwell 2022-04-06 16:38:24 +01:00
e27e5276e4

updated Mark Bolwell 2022-04-06 16:32:53 +01:00
ae6b6866e0

fix typo Mark Bolwell 2022-04-06 16:32:36 +01:00
e4275b2131

updated conditional Mark Bolwell 2022-04-06 16:32:25 +01:00
9c771e03e4

use new var name Mark Bolwell 2022-04-06 16:32:14 +01:00
7374c37510

updates var naming Mark Bolwell 2022-04-06 16:31:57 +01:00
c451f15546

audit vars Mark Bolwell 2022-04-06 15:42:05 +01:00
783c45d622

changed logic Mark Bolwell 2022-04-05 16:56:27 +01:00
21bd88bdac

fixed control Mark Bolwell 2022-04-05 16:56:12 +01:00
0b684a5d43

fix typo Mark Bolwell 2022-04-05 16:56:02 +01:00
e9d212437a

firewall pkgs to masked as default Mark Bolwell 2022-04-05 13:07:36 +01:00
bb7869adad

fixed 4.2.1.5 cron settings Mark Bolwell 2022-04-05 13:06:46 +01:00
13a6746997

lint Mark Bolwell 2022-04-05 10:24:47 +01:00
4e873bc0d6

added nfsnobody Mark Bolwell 2022-04-05 10:09:06 +01:00
d5065c1a82

lint Mark Bolwell 2022-04-05 10:08:53 +01:00
2bf95bf3da

default mask nftable for firewalld Mark Bolwell 2022-04-05 10:08:42 +01:00
32c409cb48

reorder 3.4.1.2 Mark Bolwell 2022-04-05 10:08:21 +01:00
96abe45eb2

fix template path Mark Bolwell 2022-04-05 10:08:06 +01:00
0ef9e990cc

tidy and fix titles Mark Bolwell 2022-04-05 08:48:53 +01:00
d9b807c325

change lineinfile to path Mark Bolwell 2022-04-05 08:45:11 +01:00
3d5fd41ed8

pam vars Mark Bolwell 2022-04-04 19:31:02 +01:00
223254b5c9

rewrite Mark Bolwell 2022-04-04 19:30:52 +01:00
b3a6f89ae0

lint Mark Bolwell 2022-04-04 19:30:40 +01:00
2eeccbdc69

fixed regex Mark Bolwell 2022-04-04 19:30:14 +01:00
9a0ac22331

fix tag typo Mark Bolwell 2022-04-04 16:20:27 +01:00
e03f7194ff

added validate Mark Bolwell 2022-04-04 16:16:31 +01:00
790db75501

added validate & typo fixes Mark Bolwell 2022-04-04 16:12:47 +01:00
ca24e923c4

updated template names Mark Bolwell 2022-04-04 15:16:17 +01:00
49760449d0

netwokr protocol template Mark Bolwell 2022-04-04 15:15:54 +01:00
842b295ecf

firewall pkg control - prefer log capture Mark Bolwell 2022-04-04 15:15:40 +01:00
adcc647dd4

masked or removal options Mark Bolwell 2022-04-04 15:14:59 +01:00
b4eefdbdd3

2.2.18 update Mark Bolwell 2022-04-04 15:14:24 +01:00
fef891dc1b

tidy up sysctl templates Mark Bolwell 2022-04-04 15:14:13 +01:00
8b8aef291b

updated masked options Mark Bolwell 2022-04-04 14:40:58 +01:00
4dfacd9e3b

updated server/service vars Mark Bolwell 2022-04-04 12:50:41 +01:00
39780562c1

section 1 updates Mark Bolwell 2022-04-04 12:07:07 +01:00
bfbcede072

fixed tags Mark Bolwell 2022-04-01 17:19:52 +01:00
2d21f8a98e

tidy up vars Mark Bolwell 2022-04-01 17:09:53 +01:00
2565df6047

removed notauto var as not used Mark Bolwell 2022-04-01 16:41:05 +01:00
a7403f860f

removed travis variable Mark Bolwell 2022-04-01 16:37:24 +01:00