sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured

Browse source 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
This commit is contained in:
Ionut Pruteanu 2023-12-20 22:21:14 +02:00
parent 88ffe32137
commit ca41b128cd
No known key found for this signature in database
GPG key ID: 95B7D43B702B3569
2 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
defaults/main.yml
View file

@ -529,6 +529,17 @@ rhel9cis_auditd:
max_log_file: 10 max_log_file: 10
max_log_file_action: keep_logs max_log_file_action: keep_logs
# This value governs if the below extra-vars for auditd should be used by the role
rhel9cis_auditd_extra_conf_usage: false
# This can be used to configure other keys in auditd.conf
# Example:
# rhel9cis_auditd_extra_conf:
# admin_space_left: '10%'
rhel9cis_auditd_extra_conf:
admin_space_left: 50
space_left: 75
# The audit_back_log_limit value should never be below 8192 # The audit_back_log_limit value should never be below 8192
rhel9cis_audit_back_log_limit: 8192 rhel9cis_audit_back_log_limit: 8192

1
tasks/section_4/cis_4.1.2.x.yml
View file

@ -58,6 +58,7 @@
notify: Restart auditd notify: Restart auditd
when: when:
- rhel9cis_auditd_extra_conf.keys() | length > 0 - rhel9cis_auditd_extra_conf.keys() | length > 0
- rhel9cis_auditd_extra_conf_usage
tags: tags:
- level2-server - level2-server
- level2-workstation - level2-workstation