Merge pull request #89 from ansible-lockdown/devel

workflow check run
2023-08-10 14:25:08 +01:00 · 2023-08-10 14:25:08 +01:00 · 00e6f196b5
commit 00e6f196b5
parent 4567a0baad f683323262
4 changed files with 9 additions and 8 deletions
--- a/.config/.secrets.baseline
+++ b/.config/.secrets.baseline
@ -124,7 +124,7 @@
        "filename": "defaults/main.yml",
        "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
        "is_verified": false,
-        "line_number": 363,
+        "line_number": 364,
        "is_secret": false
      },
      {
@ -132,7 +132,7 @@
        "filename": "defaults/main.yml",
        "hashed_secret": "fe96f7cfa2ab2224e7d015067a6f6cc713f7012e",
        "is_verified": false,
-        "line_number": 374,
+        "line_number": 375,
        "is_secret": false
      },
      {
@ -140,7 +140,7 @@
        "filename": "defaults/main.yml",
        "hashed_secret": "a415ab5cc17c8c093c015ccdb7e552aee7911aa4",
        "is_verified": false,
-        "line_number": 375,
+        "line_number": 376,
        "is_secret": false
      }
    ],
@ -172,5 +172,5 @@
      }
    ]
  },
-  "generated_at": "2023-08-09T08:11:03Z"
+  "generated_at": "2023-08-10T12:54:13Z"
 }
--- a/README.md
+++ b/README.md
@ -111,7 +111,7 @@ OracleLinux 9
 CentOS stream - while this will generally work it is not supported and requires the following variable setting
 ```sh
-check_os: false
+os_check: false
 ```
 **General:**
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -8,6 +8,7 @@ container_vars_file: is_container.yml
 system_is_ec2: false
 # Run the OS validation check
 # Supported OSs will not need for this to be changed - see README e.g. CentOS
 os_check: true
 rhel9cis_section1: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -44,14 +44,14 @@
      - user_passwd
      - rule_5.3.4
- name: "Ensure root password is set"
+- name: Ensure root password is set
  block:
-      - name: "Ensure root password is set"
+      - name: Ensure root password is set
        ansible.builtin.shell: passwd -S root | grep "Password set, SHA512 crypt"
        changed_when: false
        register: root_passwd_set
-      - name: "Ensure root password is set"
+      - name: Ensure root password is set
        ansible.builtin.assert:
            that: root_passwd_set.rc == 0
            fail_msg: "You have rule 5.6.6 enabled this requires that you have a root password set"