sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Update prelim logic to address #382

Browse source 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
This commit is contained in:
Frederick Witty 2025-09-09 15:12:01 -04:00
parent 2dfa9266a8
commit 5794114b3e
No known key found for this signature in database
GPG key ID: D29987C25A47D813
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Changelog.md
View file

@ -1,6 +1,7 @@
# Changes to rhel9CIS # Changes to rhel9CIS
## 2.0.3 - Based on CIS v2.0.0 ## 2.0.3 - Based on CIS v2.0.0
- addressed issue #382 to improve regex logic on 5.4.2.4
- improvment on crypto policy managed controls with var logic - improvment on crypto policy managed controls with var logic
- addressed issue #384 thank you @polski-g - addressed issue #384 thank you @polski-g
- update command to shell module on tasks - update command to shell module on tasks

2
tasks/main.yml
View file

@ -134,7 +134,7 @@
- rule_5.4.2.4 - rule_5.4.2.4
block: block:
- name: "Ensure root password is set" - name: "Ensure root password is set"
ansible.builtin.shell: LC_ALL=C passwd -S root | grep -E "(Password set, SHA512 crypt|Password locked)" ansible.builtin.shell: LC_ALL=C passwd -S root | grep -E "(Password set|Password locked)"
changed_when: false changed_when: false
failed_when: prelim_root_passwd_set.rc not in [ 0, 1 ] failed_when: prelim_root_passwd_set.rc not in [ 0, 1 ]
register: prelim_root_passwd_set register: prelim_root_passwd_set