fqcn updates

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2023-01-19 13:12:33 +00:00 · 2023-01-19 13:12:33 +00:00 · 4e8397b89e
commit 4e8397b89e
parent 4e1ee6f8e6
4 changed files with 7 additions and 10 deletions
--- a/tasks/section_1/cis_1.1.1.x.yml
+++ b/tasks/section_1/cis_1.1.1.x.yml
@ -11,7 +11,7 @@
            mode: 0600

      - name: "1.1.1.1 | PATCH | Ensure mounting of squashfs filesystems is disabled | blacklist"
-        lineinfile:
+        ansible.builtin.lineinfile:
            path: /etc/modprobe.d/blacklist.conf
            regexp: "^(#)?blacklist squashfs(\\s|$)"
            line: "blacklist squashfs"
@ -19,7 +19,7 @@
            mode: 0600

      - name: "1.1.1.1 | PATCH | Ensure mounting of squashfs filesystems is disabled | Disable squashfs"
-        modprobe:
+        community.general.modprobe:
            name: squashfs
            state: absent
        when: not system_is_container
@ -44,7 +44,7 @@
            mode: 0600

      - name: "1.1.1.2 | PATCH | Ensure mounting of udf filesystems is disabled | blacklist"
-        lineinfile:
+        ansible.builtin.lineinfile:
            path: /etc/modprobe.d/blacklist.conf
            regexp: "^(#)?blacklist udf(\\s|$)"
            line: "blacklist udf"
@ -52,7 +52,7 @@
            mode: 0600

      - name: "1.1.1.2 | PATCH | Ensure mounting of udf filesystems is disable | Disable udf"
-        modprobe:
+        community.general.modprobe:
            name: udf
            state: absent
        when: not system_is_container
--- a/tasks/section_1/cis_1.1.7.x.yml
+++ b/tasks/section_1/cis_1.1.7.x.yml
@ -1,8 +1,5 @@
 ---

- ansible.builtin.debug:
-    msg: "{{ mount_names }}"
-
 - name: "1.1.7.1 | AUDIT | Ensure separate partition exists for /home"
  block:
      - name: "1.1.7.1 | AUDIT | Ensure separate partition exists for /home | Absent"
--- a/tasks/section_1/cis_1.1.x.yml
+++ b/tasks/section_1/cis_1.1.x.yml
@ -18,7 +18,7 @@
            state: absent

      - name: "1.1.9 | PATCH | Disable USB Storage | blacklist"
-        lineinfile:
+        ansible.builtin.lineinfile:
            path: /etc/modprobe.d/blacklist.conf
            regexp: "^(#)?blacklist usb-storage(\\s|$)"
            line: "blacklist usb-storage"
--- a/tasks/section_1/cis_1.8.x.yml
+++ b/tasks/section_1/cis_1.8.x.yml
@ -70,7 +70,7 @@
      - rule_1.8.3

 - name: "1.8.4 | PATCH | Ensure GDM screen locks when the user is idle"
-  copy:
+  ansible.builtin.copy:
      dest: /etc/dconf/db/local.d/00-screensaver
      content: |
          [org/gnome/desktop/session]
@ -90,7 +90,7 @@
      - rule_1.8.4

 - name: "1.8.5 PATCH | Ensure GDM screen locks cannot be overridden"
-  lineinfile:
+  ansible.builtin.lineinfile:
      path: /etc/dconf/db/local.d/locks/session
      create: true
      line: /org/gnome/desktop/screensaver/lock-delay