sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

with_items to loop

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-01-26 08:30:26 +00:00
parent 904d7811d4
commit 8694bfde75
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
4 changed files with 8 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_5/cis_5.5.x.yml
View file

@ -7,7 +7,7 @@
path: /etc/security/pwquality.conf
regexp: ^{{ item.name }}
line: "{{ item.name }} = {{ item.value }}"
with_items:
loop:
- { name: minlen, value: "{{ rhel9cis_pam_password.minlen }}" }
- { name: minclass, value: "{{ rhel9cis_pam_password.minclass }}" }
@ -37,7 +37,7 @@
path: /etc/security/faillock.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
loop:
- { regexp: '^\s*deny\s*=\s*[1-5]\b', line: 'deny = 5' }
- { regexp: '^\s*unlock_time\s*=\s*(0|9[0-9][0-9]|[1-9][0-9][0-9][0-9]+)\b', line: 'unlock_time = 900' }
when: