ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
RHEL9-CIS/tasks/section_2/cis_2.1.x.yml
Mark Bolwell e82b2cefac
quoted file mode 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2023-09-21 16:25:59 +01:00

40 lines
1 KiB
YAML
Raw Blame History

---
- name: "2.1.1 | PATCH | Ensure time synchronization is in use"
ansible.builtin.package:
name: chrony
state: present
when:
- rhel9cis_rule_2_1_1
- not system_is_container
tags:
- level1-server
- level1-workstation
- patch
- rule_2.1.1
- name: "2.1.2 | PATCH | Ensure chrony is configured"
block:
- name: "2.1.2 | PATCH | Ensure chrony is configured | Set configuration"
ansible.builtin.template:
src: etc/chrony.conf.j2
dest: /etc/chrony.conf
owner: root
group: root
mode: '0644'
- name: "2.1.2 | PATCH | Ensure chrony is configured | modify /etc/sysconfig/chronyd | 1"
ansible.builtin.lineinfile:
path: /etc/sysconfig/chronyd
regexp: "^(#)?OPTIONS"
line: "OPTIONS=\"-u chrony\""
create: true
mode: '0644'
when:
- rhel9cis_rule_2_1_2
- not system_is_container
tags:
- level1-server
- level1-workstation
- patch
- rule_2.1.2
Reference in a new issue View git blame Copy permalink