Initial

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/section_5/cis_5.6.yml

@@ -0,0 +1,35 @@
+---
+
+# this will just display the list of consoles. The site will need to confirm the allowed consoles are correct and change manually if needed.
+- name: "5.6 | L1 | AUDIT | Ensure root login is restricted to system console"
+  block:
+      - name: "5.6 | L1 | AUDIT | Ensure root login is restricted to system console | Check if securetty file exists"
+        stat:
+            path: /etc/securetty
+        register: rhel9cis_securetty_check
+
+      - name: "5.6 | L1 | AUDIT | Ensure root login is restricted to system console | Capture consoles"
+        command: cat /etc/securetty
+        changed_when: false
+        register: rhel_09_5_6_audit
+        when: rhel9cis_securetty_check.stat.exists
+
+      - name: "5.6 | L1 | AUDIT |Ensure root login is restricted to system console | Display Console"
+        debug:
+            msg:
+                - "These are the consoles with root login access, please review:"
+                - "{{ rhel_09_5_6_audit.stdout_lines }}"
+        when: rhel9cis_securetty_check.stat.exists
+
+      - name: "5.6 | L1 | AUDIT | Ensure root login is restricted to system console | Display that no securetty file exists"
+        debug:
+            msg:
+                - "There is no /etc/securetty file, this has been removed by default in RHEL9"
+        when: not rhel9cis_securetty_check.stat.exists
+  when:
+      - rhel9cis_rule_5_6
+  tags:
+      - level1-server
+      - level1-workstation
+      - audit
+      - rule_5.6