sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

5.6.6 test added

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-01-27 11:02:01 +00:00
parent d770c69aca
commit 98feeb1b01
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
1 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

22
tasks/main.yml
View file

@ -42,6 +42,28 @@
tags: tags:
- user_passwd - user_passwd
- name: "Ensure root password is set"
block:
- name: "Ensure root password is set"
ansible.builtin.shell: passwd -S root | grep "Password set, SHA512 crypt"
changed_when: false
register: root_passwd_set
- name: "Ensure root password is set"
ansible.builtin.assert:
that: root_passwd_set.rc == 0
fail_msg: "You have rule 5.6.6 enabled this requires that you have a root password set"
success_msg: "You have a root password set"
when:
- rhel9cis_rule_5_6_6
tags:
- level1-server
- level1-workstation
- patch
- accounts
- root
- rule_5.6.6
- name: Setup rules if container - name: Setup rules if container
block: block:
- name: Discover and set container variable if required - name: Discover and set container variable if required