sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

update blacklist

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-01-19 11:28:53 +00:00
parent b8085e5dc0
commit 184832d2ac
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
1 changed files with 18 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tasks/section_3/cis_3.1.x.yml
View file

@ -53,6 +53,8 @@
- wireless - wireless
- rule_3.1.2 - rule_3.1.2
- name: "3.1.3 | PATCH | Ensure TIPC is disabled"
block:
- name: "3.1.3 | PATCH | Ensure TIPC is disabled" - name: "3.1.3 | PATCH | Ensure TIPC is disabled"
ansible.builtin.template: ansible.builtin.template:
src: "etc/modprobe.d/modprobe.conf.j2" src: "etc/modprobe.d/modprobe.conf.j2"
@ -62,6 +64,14 @@
group: root group: root
with_items: with_items:
- tipc - tipc
- name: "3.1.3 | PATCH | Ensure TIPC is disabled | blacklist"
ansible.builtin.lineinfile:
path: /etc/modprobe.d/blacklist.conf
regexp: "^(#)?blacklist tipc(\\s|$)"
line: "blacklist tipc"
create: true
mode: 0600
when: when:
- rhel9cis_rule_3_1_3 - rhel9cis_rule_3_1_3
tags: tags: