sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

updated logic on 7.12 and 7.13 thansk to @yinggs

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-11-04 14:10:10 +00:00
parent 98795d440c
commit 13ab9d5440
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_7/cis_7.1.x.yml
View file

@ -233,7 +233,7 @@
- name: "7.1.12 | AUDIT | Ensure no files or directories without an owner and a group exist | Flatten no_user_items results for easier use"
ansible.builtin.set_fact:
discovered_unowned_files_flatten: "{{ discovered_unowned_files.results | map(attribute='stdout_lines') | flatten }}"
discovered_unowned_files_flatten: "{{ discovered_unowned_files.results | selectattr('stdout_lines', 'defined') | map(attribute='stdout_lines') | flatten }}"
- name: "7.1.12 | AUDIT | Ensure no files or directories without an owner and a group exist | Alert on unowned files and directories"
when:
@ -295,7 +295,7 @@
- name: "7.1.13 | AUDIT | Audit SUID executables | Flatten suid_executables results for easier use"
ansible.builtin.set_fact:
discovered_suid_sgid_files_flatten: "{{ discovered_suid_sgid_files.results | map(attribute='stdout_lines') | flatten }}"
discovered_suid_sgid_files_flatten: "{{ discovered_suid_sgid_files.results | selectattr('stdout_lines', 'defined') | map(attribute='stdout_lines') | flatten }}"
- name: "7.1.13 | AUDIT | Audit SUID executables | Alert SUID executables exist"
when: