sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Merge pull request #87 from ansible-lockdown/tidy_up

Browse source 
Tidy up
This commit is contained in:
uk-bolly 2023-08-10 12:35:24 +01:00 committed by GitHub
commit 438fc01630
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -111,7 +111,7 @@ OracleLinux 9
CentOS stream - while this will generally work it is not supported and requires the following variable setting CentOS stream - while this will generally work it is not supported and requires the following variable setting
```sh ```sh
check_os: false os_check: false
``` ```
**General:** **General:**

6
tasks/main.yml
View file

@ -44,14 +44,14 @@
- user_passwd - user_passwd
- rule_5.3.4 - rule_5.3.4
- name: "Ensure root password is set" - name: Ensure root password is set
block: block:
- name: "Ensure root password is set" - name: Ensure root password is set
ansible.builtin.shell: passwd -S root | grep "Password set, SHA512 crypt" ansible.builtin.shell: passwd -S root | grep "Password set, SHA512 crypt"
changed_when: false changed_when: false
register: root_passwd_set register: root_passwd_set
- name: "Ensure root password is set" - name: Ensure root password is set
ansible.builtin.assert: ansible.builtin.assert:
that: root_passwd_set.rc == 0 that: root_passwd_set.rc == 0
fail_msg: "You have rule 5.6.6 enabled this requires that you have a root password set" fail_msg: "You have rule 5.6.6 enabled this requires that you have a root password set"