sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

use new var name

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-04-06 16:32:14 +01:00
parent 7374c37510
commit 9c771e03e4
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tasks/section_5/cis_5.5.x.yml
View file

@ -3,10 +3,14 @@
- name: "5.5.1 | PATCH | "
block:
- name: "5.5.1 | PATCH | Ensure password creation requirements are configured | Set pwquality config settings"
blockinfile:
lineinfile:
path: /etc/security/pwquality.conf
marker: "<!-- {mark} CIS 5.5.1 ANSIBLE MANAGED BLOCK -->"
block: "{{ rhel9cis_pam_password }}"
state: present
regexp: ^{{ item.name }}
line: "{{ item.name }} = {{ item.value }}"
with_items:
- { name: minlen, value: "{{ rhel9cis_pam_password.minlen }}" }
- { name: minclass, value: "{{ rhel9cis_pam_password.minclass }}" }
- name: "5.5.1 | PATCH | Ensure password creation requirements are configured | Set system-auth retry settings"
lineinfile: