sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

audit binaries variables

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2024-12-10 16:46:08 +00:00
parent 2827c752ac
commit c5278da4e5
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
1 changed files with 3 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

24
tasks/section_6/cis_6.3.4.x.yml
View file

@ -105,13 +105,7 @@
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
mode: 'go-w' mode: 'go-w'
loop: loop: "{{ audit_bins }}"
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules
- name: "6.3.4.9 | PATCH | Ensure audit tools owner is configured" - name: "6.3.4.9 | PATCH | Ensure audit tools owner is configured"
when: when:
@ -126,13 +120,7 @@
path: "{{ item }}" path: "{{ item }}"
owner: root owner: root
group: root group: root
loop: loop: "{{ audit_bins }}"
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules
- name: "6.3.4.10 | PATCH | Ensure audit tools group owner is configured" - name: "6.3.4.10 | PATCH | Ensure audit tools group owner is configured"
when: when:
@ -147,10 +135,4 @@
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
group: root group: root
loop: loop: "{{ audit_bins }}"
- /sbin/auditctl
- /sbin/aureport
- /sbin/ausearch
- /sbin/autrace
- /sbin/auditd
- /sbin/augenrules