sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

fixed thanks to cf-sewe

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-02-07 16:44:41 +00:00
parent 9db4b7fd81
commit 59e22e8600
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_5/cis_5.4.x.yml
View file

@ -24,7 +24,7 @@
dest: /etc/pam.d/system-auth dest: /etc/pam.d/system-auth
state: present state: present
regexp: '^password requisite pam_pwquality.so' regexp: '^password requisite pam_pwquality.so'
line: "password requisite pam_pwquality.so try_first_pass local_users_only enforce-for-root retry=3 remember={{ rhel9cis_pam_faillock.remember }}" line: "password requisite pam_pwquality.so try_first_pass local_users_only enforce_for_root retry=3 remember={{ rhel9cis_pam_faillock.remember }}"
insertbefore: '^#?password ?' insertbefore: '^#?password ?'
when: when:
- rhel9cis_rule_5_4_1 or - rhel9cis_rule_5_4_1 or
@ -35,7 +35,7 @@
dest: /etc/pam.d/password-auth dest: /etc/pam.d/password-auth
state: present state: present
regexp: '^password requisite pam_pwquality.so' regexp: '^password requisite pam_pwquality.so'
line: "password requisite pam_pwquality.so try_first_pass local_users_only enforce-for-root retry=3" line: "password requisite pam_pwquality.so try_first_pass local_users_only enforce_for_root retry=3"
insertbefore: '^#?password ?' insertbefore: '^#?password ?'
when: rhel9cis_rule_5_4_1 when: rhel9cis_rule_5_4_1