sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

removed skip_ansible_lint tag

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-11-19 14:03:46 +00:00
parent ed551c9a7a
commit 576475d851
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
9 changed files with 0 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
handlers/main.yml
View file

@ -57,8 +57,6 @@
- name: Grub2cfg - name: Grub2cfg
ansible.builtin.shell: "grub2-mkconfig -o /boot/grub2/grub.cfg" ansible.builtin.shell: "grub2-mkconfig -o /boot/grub2/grub.cfg"
ignore_errors: true # noqa ignore-errors ignore_errors: true # noqa ignore-errors
tags:
- skip_ansible_lint
- name: Restart rsyslog - name: Restart rsyslog
ansible.builtin.systemd: ansible.builtin.systemd:
@ -102,8 +100,6 @@
- name: Restart auditd - name: Restart auditd
ansible.builtin.shell: service auditd restart ansible.builtin.shell: service auditd restart
tags:
- skip_ansible_lint
- name: Change_requires_reboot - name: Change_requires_reboot
ansible.builtin.set_fact: ansible.builtin.set_fact:

1
tasks/section_1/cis_1.1.3.x.yml
View file

@ -45,6 +45,5 @@
- level1-workstation - level1-workstation
- patch - patch
- mounts - mounts
- skip_ansible_lint
- rule_1.1.3.2 - rule_1.1.3.2
- rule_1.1.3.3 - rule_1.1.3.3

1
tasks/section_1/cis_1.1.4.x.yml
View file

@ -48,7 +48,6 @@
- level1-workstation - level1-workstation
- patch - patch
- mounts - mounts
- skip_ansible_lint
- rule_1.1.4.2 - rule_1.1.4.2
- rule_1.1.4.3 - rule_1.1.4.3
- rule_1.1.4.4 - rule_1.1.4.4

2
tasks/section_1/cis_1.1.5.x.yml
View file

@ -22,7 +22,6 @@
- audit - audit
- mounts - mounts
- rule_1.1.5.1 - rule_1.1.5.1
- skip_ansible_lint
- name: | - name: |
"1.1.5.2 | PATCH | Ensure nodev option set on /var/log partition" "1.1.5.2 | PATCH | Ensure nodev option set on /var/log partition"
@ -48,7 +47,6 @@
- level1-workstation - level1-workstation
- patch - patch
- mounts - mounts
- skip_ansible_lint
- rule_1.1.5.2 - rule_1.1.5.2
- rule_1.1.5.3 - rule_1.1.5.3
- rule_1.1.5.4 - rule_1.1.5.4

1
tasks/section_1/cis_1.1.6.x.yml
View file

@ -47,7 +47,6 @@
- level1-workstation - level1-workstation
- patch - patch
- mounts - mounts
- skip_ansible_lint
- rule_1.1.6.2 - rule_1.1.6.2
- rule_1.1.6.3 - rule_1.1.6.3
- rule_1.1.6.4 - rule_1.1.6.4

2
tasks/section_1/cis_1.1.7.x.yml
View file

@ -22,7 +22,6 @@
- audit - audit
- mounts - mounts
- rule_1.1.7.1 - rule_1.1.7.1
- skip_ansible_lint
- name: | - name: |
"1.1.7.2 | PATCH | Ensure nodev option set on /home partition "1.1.7.2 | PATCH | Ensure nodev option set on /home partition
@ -48,4 +47,3 @@
- mounts - mounts
- rule_1.1.7.2 - rule_1.1.7.2
- rule_1.1.7.3 - rule_1.1.7.3
- skip_ansible_lint

1
tasks/section_1/cis_1.1.8.x.yml
View file

@ -29,7 +29,6 @@
- audit - audit
- mounts - mounts
- rule_1.1.8.1 - rule_1.1.8.1
- skip_ansible_lint
- name: | - name: |
"1.1.8.2 | PATCH | Ensure nodev option set on /dev/shm partition | Set nodev option "1.1.8.2 | PATCH | Ensure nodev option set on /dev/shm partition | Set nodev option

1
tasks/section_1/cis_1.2.x.yml
View file

@ -85,7 +85,6 @@
- manual - manual
- audit - audit
- rule_1.2.3 - rule_1.2.3
- skip_ansible_lint
- name: "1.2.4 | AUDIT | Ensure repo_gpgcheck is globally activated" - name: "1.2.4 | AUDIT | Ensure repo_gpgcheck is globally activated"
block: block:

2
tasks/section_1/cis_1.9.yml
View file

@ -7,10 +7,8 @@
notify: Change_requires_reboot notify: Change_requires_reboot
when: when:
- rhel9cis_rule_1_9 - rhel9cis_rule_1_9
- not system_is_ec2
tags: tags:
- level1-server - level1-server
- level1-workstation - level1-workstation
- patch - patch
- rule_1.9 - rule_1.9
- skip_ansible_lint