sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

v2 improvements

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-08-07 10:29:03 +01:00
parent 7c2a6a2a89
commit 0fc418a222
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
14 changed files with 542 additions and 709 deletions
Download patch file Download diff file Expand all files Collapse all files

7
tasks/section_5/cis_5.4.2.x.yml
View file

@ -51,10 +51,9 @@
- discovered_gid0_members.stdout | length > 0
ansible.builtin.user:
name: "{{ item }}"
gid: 0
group: root
state: absent
loop:
- discovered_gid0_members.stdout_lines
loop: "{{ discovered_gid0_members.stdout_lines }}"
- name: "5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group"
when:
@ -96,7 +95,7 @@
vars:
warn_control_id: '5.4.2.3'
- name: "5.4.2.4 | PATCH | Ensure root account access is controlled"
- name: "5.4.2.4 | PATCH | Ensure root account access is controlled "
when:
- rhel9cis_rule_5_4_2_4
tags: