sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Fix for #384, thank you @polski-g

Browse source 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
This commit is contained in:
Frederick Witty 2025-09-05 16:24:11 -04:00
parent de7555aa10
commit b0ec6c4820
No known key found for this signature in database
GPG key ID: D29987C25A47D813
4 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/main.yml
View file

@ -97,7 +97,7 @@
(
((prelim_ansible_user_password_set.stdout | length != 0) and (prelim_ansible_user_password_set.stdout != "!!" ))
or
(ansible_env.SUDO_USER in rhel10cis_sudoers_exclude_nopasswd_list)
(ansible_env.SUDO_USER in rhel9cis_sudoers_exclude_nopasswd_list)
)
fail_msg: "You have {{ sudo_password_rule }} enabled but the user = {{ ansible_env.SUDO_USER }} has no password set or or the user is not included in the exception list for rule 5.2.4 - It can break access"
success_msg: "You have a password set for the {{ ansible_env.SUDO_USER }} user or the user is included in the exception list for rule 5.2.4"