sysctl control improvements

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2022-06-20 17:03:18 +01:00 · 2022-06-20 17:03:18 +01:00 · 33ebfea653
commit 33ebfea653
parent fb1c6e9232
4 changed files with 118 additions and 72 deletions
--- a/tasks/section_1/cis_1.5.x.yml
+++ b/tasks/section_1/cis_1.5.x.yml
@ -32,10 +32,13 @@
      - rule_1.5.2

 - name: "1.5.3 | PATCH | Ensure address space layout randomization (ASLR) is enabled"
-  debug:
-      msg: "Control being set via Handler 'update sysctl' which writes to /etc/sysctl.d/60-kernel_sysctl.conf"
-  notify:
-      - update sysctl
+  block:
+      - name: "1.5.3 | PATCH | Ensure address space layout randomization (ASLR) is enabled"
+        set_fact:
+            sysctl_update: true
+      - name: "1.5.3 | PATCH | Ensure address space layout randomization (ASLR) is enabled"
+        debug:
+            msg: "Control being set via Handler 'update sysctl' which writes to /etc/sysctl.d/60-kernel_sysctl.conf"
  when:
      - rhel9cis_rule_1_5_3
  tags: