sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

yamllint

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-04-26 16:01:56 +01:00
parent 8361791c51
commit 91600af889
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
4 changed files with 7 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/main.yml
View file

@ -55,7 +55,7 @@
when: when:
- rhel9cis_set_boot_pass - rhel9cis_set_boot_pass
- rhel9cis_rule_1_4_1 - rhel9cis_rule_1_4_1
tags: tags:
- always - always
- name: "check sugroup exists if used" - name: "check sugroup exists if used"

2
tasks/section_3/cis_3.4.1.x.yml
View file

@ -31,7 +31,7 @@
package: package:
name: iptables-services name: iptables-services
state: absent state: absent
when: when:
when: when:
- rhel9cis_rule_3_4_1_2 - rhel9cis_rule_3_4_1_2
- "'iptables-services' in ansible_facts.packages" - "'iptables-services' in ansible_facts.packages"

1
tasks/section_3/main.yml
View file

@ -18,4 +18,3 @@
include_tasks: cis_3.4.2.x.yml include_tasks: cis_3.4.2.x.yml
when: when:
- rhel9cis_firewall == "nftables" - rhel9cis_firewall == "nftables"

10
tasks/section_4/cis_4.3.yml
View file

@ -2,8 +2,8 @@
- name: "4.3.1 | PATCH | Ensure logrotate is installed" - name: "4.3.1 | PATCH | Ensure logrotate is installed"
package: package:
name: rsyslog-logrotate name: rsyslog-logrotate
state: present state: present
when: when:
- rhel9cis_rule_4_3_1 - rhel9cis_rule_4_3_1
tags: tags:
@ -16,9 +16,9 @@
- name: "4.3.2 | PATCH | Ensure logrotate is running and enabled" - name: "4.3.2 | PATCH | Ensure logrotate is running and enabled"
systemd: systemd:
name: logrotate name: logrotate
state: started state: started
enabled: true enabled: true
when: when:
- rhel9cis_rule_4_3_2 - rhel9cis_rule_4_3_2
tags: tags: