sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

fix csv sugroup option updated

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-01-19 13:33:11 +00:00
parent cb609c1f1a
commit 999d7b5b1e
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
2 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
defaults/main.yml
View file

@ -637,7 +637,7 @@ rhel9cis_futurepwchgdate_autofix: true
# 5.7 # 5.7
# rhel9cis_sugroup: sugroup # change accordingly wheel is default # rhel9cis_sugroup: sugroup # change accordingly wheel is default
# wheel users list # wheel users list please supply comma seperated e.g. "vagrant,root"
rhel9cis_sugroup_users: "root" rhel9cis_sugroup_users: "root"
## Section6 vars ## Section6 vars

3
tasks/section_5/cis_5.3.x.yml
View file

@ -120,8 +120,9 @@
- name: "5.3.7 | PATCH | Ensure access to the su command is restricted | wheel group contains root" - name: "5.3.7 | PATCH | Ensure access to the su command is restricted | wheel group contains root"
ansible.builtin.user: ansible.builtin.user:
name: "{{ rhel9cis_sugroup_users }}" name: "{{ item }}"
groups: "{{ rhel9cis_sugroup | default('wheel') }}" groups: "{{ rhel9cis_sugroup | default('wheel') }}"
loop: "{{ rhel9cis_sugroup_users | split (',') }}"
when: when:
- rhel9cis_rule_5_3_7 - rhel9cis_rule_5_3_7
tags: tags: