boolean variable true/false

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2022-01-13 16:51:17 +00:00 · 2022-01-13 16:51:17 +00:00 · 54f4e0b4b8
commit 54f4e0b4b8
parent 727095ca35
26 changed files with 92 additions and 90 deletions
--- a/tasks/section_6/cis_6.2.x.yml
+++ b/tasks/section_6/cis_6.2.x.yml
@ -37,7 +37,7 @@
        shell: 'echo $PATH | grep ::'
        args:
            warn: false
-        check_mode: no
+        check_mode: false
        register: path_colon
        changed_when: False
        failed_when: path_colon.rc == 0
@ -46,7 +46,7 @@
        shell: 'echo $PATH | grep :$'
        args:
            warn: false
-        check_mode: no
+        check_mode: false
        register: path_colon_end
        changed_when: False
        failed_when: path_colon_end.rc == 0
@ -55,7 +55,7 @@
        shell: "/bin/bash --login -c 'env | grep ^PATH=' | sed -e 's/PATH=//' -e 's/::/:/' -e 's/:$//' -e 's/:/\\n/g'"
        args:
            warn: false
-        check_mode: no
+        check_mode: false
        register: dot_in_path
        changed_when: False
        failed_when: '"." in dot_in_path.stdout_lines'
@ -156,7 +156,7 @@
      - name: "6.2.7 | L1 | PATCH | Ensure users' home directories permissions are 750 or more restrictive"
        file:
            path: "{{ item.0 }}"
-            recurse: yes
+            recurse: true
            mode: a-st,g-w,o-rwx
        register: rhel_09_6_2_7_patch
        when:
@ -172,9 +172,9 @@
      - name: "6.2.7 | L1 | PATCH | Ensure users' home directories permissions are 750 or more restrictive"
        acl:
            path: "{{ item.0 }}"
-            default: yes
+            default: true
            state: present
-            recursive: yes
+            recursive: true
            etype: "{{ item.1.etype }}"
            permissions: "{{ item.1.mode }}"
        when: not rhel9cis_system_is_container
@ -414,7 +414,7 @@
            warn: false
        changed_when: false
        failed_when: false
-        check_mode: no
+        check_mode: false
        register: group_group_check

      - name: "6.2.18 | L1 | AUDIT | Ensure no duplicate group names exist | Print message that no duplicate groups exist"
@ -442,7 +442,7 @@
            warn: false
        changed_when: false
        failed_when: false
-        check_mode: no
+        check_mode: false
        register: rhel9cis_shadow_gid

      - name: "6.2.19 | L1 | AUDIT | Ensure shadow group is empty | Check /etc/group for empty shadow group"
@ -451,7 +451,7 @@
            warn: false
        changed_when: false
        failed_when: false
-        check_mode: no
+        check_mode: false
        register: rhel9cis_empty_shadow

      - name: "6.2.19 | L1 | AUDIT | Ensure shadow group is empty | Check for users assigned to shadow"
@ -460,7 +460,7 @@
            warn: false
        changed_when: false
        failed_when: false
-        check_mode: no
+        check_mode: false
        register: rhel9cis_shadow_passwd

      - name: "6.2.19 | L1 | AUDIT | Ensure shadow group is empty | Alert shadow group is empty and no users assigned"
@ -520,7 +520,7 @@
      - name: "6.2.20 | L1 | PATCH | Ensure all users' home directories exist"
        file:
            path: "{{ item.0 }}"
-            recurse: yes
+            recurse: true
            mode: a-st,g-w,o-rwx
        register: rhel_09_6_2_20_patch
        when:
@ -536,9 +536,9 @@
      - name: "6.2.20 | L1 | PATCH | Ensure all users' home directories exist"
        acl:
            path: "{{ item.0 }}"
-            default: yes
+            default: true
            state: present
-            recursive: yes
+            recursive: true
            etype: "{{ item.1.etype }}"
            permissions: "{{ item.1.mode }}"
        when: not rhel9cis_system_is_container