forked from ansible-lockdown/RHEL9-CIS
prelim added
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell
parent
415f62faca
commit
c3f680d8fb
1 changed files with 18 additions and 9 deletions
|
|
@ -114,16 +114,25 @@
|
||||||
- rule_4.1.1.1
|
- rule_4.1.1.1
|
||||||
- auditd
|
- auditd
|
||||||
|
|
||||||
- name: "PRELIM | 4.1.12 | Ensure successful file system mounts are collected"
|
- name: "PRELIM | 4.1.4.5 | Audit conf and rules files | list files"
|
||||||
shell: for i in $(df | grep '^/dev' | awk '{ print $NF }'); do find $i -xdev -type f -perm -4000 -o -type f -perm -2000 2>/dev/null; done
|
ansible.builtin.find:
|
||||||
changed_when: false
|
path: /etc/audit
|
||||||
failed_when: false
|
file_type: file
|
||||||
check_mode: false
|
recurse: true
|
||||||
register: priv_procs
|
patterns: '*.conf,*.rules'
|
||||||
|
register: auditd_conf_files
|
||||||
|
when:
|
||||||
|
- rhel9cis_rule_4_1_4_5 or
|
||||||
|
rhel9cis_rule_4_1_4_6 or
|
||||||
|
rhel9cis_rule_4_1_4_7
|
||||||
tags:
|
tags:
|
||||||
- level1-server
|
- level2-server
|
||||||
- level1-workstation
|
- level2-workstation
|
||||||
- always
|
- patch
|
||||||
|
- auditd
|
||||||
|
- rule_4.1.4.5
|
||||||
|
- rule_4.1.4.6
|
||||||
|
- rule_4.1.4.7
|
||||||
|
|
||||||
- name: "PRELIM | Section 5.1 | Configure cron"
|
- name: "PRELIM | Section 5.1 | Configure cron"
|
||||||
package:
|
package:
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue