forked from ansible-lockdown/RHEL9-CIS
updated rule
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell
parent
d3f2677fd5
commit
3c66b3f83c
2 changed files with 5 additions and 4 deletions
|
|
@ -8,7 +8,6 @@
|
|||
register: audit_rules_updated
|
||||
notify: restart auditd
|
||||
|
||||
|
||||
- name: POST | Set up auditd user logging exceptions
|
||||
template:
|
||||
src: audit/98_auditd_exception.rules.j2
|
||||
|
|
@ -17,7 +16,9 @@
|
|||
group: root
|
||||
mode: 0600
|
||||
notify: restart auditd
|
||||
when: allow_auditd_uid_user_exclusions
|
||||
when:
|
||||
- allow_auditd_uid_user_exclusions
|
||||
- rhel9cis_auditd_uid_exclude | length > 0
|
||||
|
||||
- name: POST | AUDITD | Discover if auditd immutable - Set reboot required if auditd immutable
|
||||
block:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue