sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Gpg import for rhel servers (#185)

Browse source 
* change logic thanks to @rjacobs1990 see #175

* 1.2.1 force gpg import rhel

* fix missing facts

---------

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
uk-bolly 2024-03-06 09:10:06 +00:00 committed by GitHub
parent 0215412e9b
commit 0f58436212
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 37 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
defaults/main.yml
View file

@ -424,6 +424,11 @@ rhel9cis_rule_6_2_16: true
# These /tmp settings will include nosuid,nodev,noexec to conform to CIS standards.
rhel9cis_tmp_svc: false
## Control 1.2.1
# For new systems that have not yet run update the gpg key is not yet imported
# Setting to `true` will allow a test on the package and the foce the import of the key
rhel9cis_force_gpg_key_import: true
## Control 1.2.4
# When installing RHEL from authorized Red Hat source, RHEL will come with default YUM repository. NOT having a default YUM
# repo ('rhel9cis_rhel_default_repo' set as 'false'), in conjunction with 'rhel9cis_rule_enable_repogpg' set as 'True', will enable the tasks