sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Lint updates

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-12-11 11:49:02 +00:00
parent fcf9eb674f
commit 88ac5c3d65
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
19 changed files with 127 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tasks/section_7/cis_7.1.x.yml
View file

@ -221,7 +221,7 @@
warn_control_id: '7.1.12'
block:
- name: "7.1.12 | AUDIT | Ensure no files or directories without an owner and a group exist | Get list files or directories"
ansible.builtin.shell: find {{ rhel9cis_exclude_unowned_search_path }} {{ item.mount }} -xdev \( -nouser -o -nogroup \) -not -fstype nfs
ansible.builtin.command: find {{ rhel9cis_exclude_unowned_search_path }} {{ item.mount }} -xdev \( -nouser -o -nogroup \) -not -fstype nfs
changed_when: false
failed_when: false
check_mode: false
@ -283,7 +283,7 @@
warn_control_id: '7.1.13'
block:
- name: "7.1.13 | AUDIT | Ensure SUID and SGID files are reviewed | Find SUID and SGID"
ansible.builtin.shell: find {{ item.mount }} -xdev -type f -perm \( -02000 or -04000 \) -not -fstype nfs
ansible.builtin.command: find {{ item.mount }} -xdev -type f -perm \( -02000 or -04000 \) -not -fstype nfs
changed_when: false
failed_when: false
check_mode: false