From cb609c1f1a179880af8417d8d3c6ad632faf426e Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Thu, 19 Jan 2023 13:31:53 +0000 Subject: [PATCH] fqcn update Signed-off-by: Mark Bolwell --- tasks/section_1/main.yml | 32 ++++++++++++++++---------------- tasks/section_2/main.yml | 8 ++++---- tasks/section_3/main.yml | 10 +++++----- tasks/section_4/main.yml | 16 ++++++++-------- tasks/section_5/main.yml | 14 +++++++------- tasks/section_6/main.yml | 4 ++-- 6 files changed, 42 insertions(+), 42 deletions(-) diff --git a/tasks/section_1/main.yml b/tasks/section_1/main.yml index 1d6ab55..d9bc3b5 100644 --- a/tasks/section_1/main.yml +++ b/tasks/section_1/main.yml @@ -1,57 +1,57 @@ --- - name: "SECTION | 1.1.1.x | Disable unused filesystems" - import_tasks: cis_1.1.1.x.yml + ansible.builtin.import_tasks: cis_1.1.1.x.yml - name: "SECTION | 1.1.2.x | Configure /tmp" - import_tasks: cis_1.1.2.x.yml + ansible.builtin.import_tasks: cis_1.1.2.x.yml - name: "SECTION | 1.1.3.x | Configure /var" - import_tasks: cis_1.1.3.x.yml + ansible.builtin.import_tasks: cis_1.1.3.x.yml - name: "SECTION | 1.1.4.x | Configure /var/tmp" - import_tasks: cis_1.1.4.x.yml + ansible.builtin.import_tasks: cis_1.1.4.x.yml - name: "SECTION | 1.1.5.x | Configure /var/log" - import_tasks: cis_1.1.5.x.yml + ansible.builtin.import_tasks: cis_1.1.5.x.yml - name: "SECTION | 1.1.6.x | Configure /var/log/audit" - import_tasks: cis_1.1.6.x.yml + ansible.builtin.import_tasks: cis_1.1.6.x.yml - name: "SECTION | 1.1.7.x | Configure /home" - import_tasks: cis_1.1.7.x.yml + ansible.builtin.import_tasks: cis_1.1.7.x.yml - name: "SECTION | 1.1.8.x | Configure /dev/shm" - import_tasks: cis_1.1.8.x.yml + ansible.builtin.import_tasks: cis_1.1.8.x.yml - name: "SECTION | 1.1.x | Disable various mounting" - import_tasks: cis_1.1.x.yml + ansible.builtin.import_tasks: cis_1.1.x.yml - name: "SECTION | 1.2 | Configure Software Updates" - import_tasks: cis_1.2.x.yml + ansible.builtin.import_tasks: cis_1.2.x.yml - name: "SECTION | 1.3 | Filesystem Integrity Checking" - import_tasks: cis_1.3.x.yml + ansible.builtin.import_tasks: cis_1.3.x.yml when: rhel9cis_config_aide - name: "SECTION | 1.4 | Secure Boot Settings" - import_tasks: cis_1.4.x.yml + ansible.builtin.import_tasks: cis_1.4.x.yml - name: "SECTION | 1.5 | Additional Process Hardening" - import_tasks: cis_1.5.x.yml + ansible.builtin.import_tasks: cis_1.5.x.yml - name: "SECTION | 1.6 | Mandatory Access Control" include_tasks: cis_1.6.1.x.yml when: not rhel9cis_selinux_disable - name: "SECTION | 1.7 | Command Line Warning Banners" - import_tasks: cis_1.7.x.yml + ansible.builtin.import_tasks: cis_1.7.x.yml - name: "SECTION | 1.8 | Gnome Display Manager" - import_tasks: cis_1.8.x.yml + ansible.builtin.import_tasks: cis_1.8.x.yml - name: "SECTION | 1.9 | Updates and Patches" - import_tasks: cis_1.9.yml + ansible.builtin.import_tasks: cis_1.9.yml - name: "SECTION | 1.10 | Crypto policies" include_tasks: cis_1.10.yml diff --git a/tasks/section_2/main.yml b/tasks/section_2/main.yml index 8f79854..39b912d 100644 --- a/tasks/section_2/main.yml +++ b/tasks/section_2/main.yml @@ -1,13 +1,13 @@ --- - name: "SECTION | 2.1 | Time Synchronization" - import_tasks: cis_2.1.x.yml + ansible.builtin.import_tasks: cis_2.1.x.yml - name: "SECTION | 2.2 | Special Purpose Services" - import_tasks: cis_2.2.x.yml + ansible.builtin.import_tasks: cis_2.2.x.yml - name: "SECTION | 2.3 | Service Clients" - import_tasks: cis_2.3.x.yml + ansible.builtin.import_tasks: cis_2.3.x.yml - name: "SECTION | 2.4 | Nonessential services removed" - import_tasks: cis_2.4.yml + ansible.builtin.import_tasks: cis_2.4.yml diff --git a/tasks/section_3/main.yml b/tasks/section_3/main.yml index cb5c04a..535aba9 100644 --- a/tasks/section_3/main.yml +++ b/tasks/section_3/main.yml @@ -1,16 +1,16 @@ --- - name: "SECTION | 3.1.x | Disable unused network protocols and devices" - import_tasks: cis_3.1.x.yml + ansible.builtin.import_tasks: cis_3.1.x.yml - name: "SECTION | 3.2.x | Network Parameters (Host Only)" - import_tasks: cis_3.2.x.yml + ansible.builtin.import_tasks: cis_3.2.x.yml - name: "SECTION | 3.3.x | Network Parameters (host and Router)" - import_tasks: cis_3.3.x.yml + ansible.builtin.import_tasks: cis_3.3.x.yml - name: "SECTION | 3.4.1.x | Firewall configuration" - import_tasks: cis_3.4.1.x.yml + ansible.builtin.import_tasks: cis_3.4.1.x.yml - name: "SECTION | 3.4.2.x | Configure firewall" - include_tasks: cis_3.4.2.x.yml + ansible.builtin.import_tasks: cis_3.4.2.x.yml diff --git a/tasks/section_4/main.yml b/tasks/section_4/main.yml index a7a3659..285a2f3 100644 --- a/tasks/section_4/main.yml +++ b/tasks/section_4/main.yml @@ -1,29 +1,29 @@ --- - name: "SECTION | 4.1 | Configure System Accounting (auditd)" - include_tasks: cis_4.1.1.x.yml + ansible.builtin.import_tasks: cis_4.1.1.x.yml when: - not system_is_container - name: "SECTION | 4.1.2 | Configure Data Retention" - import_tasks: cis_4.1.2.x.yml + ansible.builtin.import_tasks: cis_4.1.2.x.yml - name: "SECTION | 4.1.3 | Configure Auditd rules" - import_tasks: cis_4.1.3.x.yml + ansible.builtin.import_tasks: cis_4.1.3.x.yml - name: "SECTION | 4.1.4 | Configure Audit files" - import_tasks: cis_4.1.4.x.yml + ansible.builtin.import_tasks: cis_4.1.4.x.yml - name: "SECTION | 4.2 | Configure Logging" - import_tasks: cis_4.2.1.x.yml + ansible.builtin.import_tasks: cis_4.2.1.x.yml when: rhel9cis_syslog == 'rsyslog' - name: "SECTION | 4.2.2 | Configure journald" - import_tasks: cis_4.2.2.x.yml + ansible.builtin.import_tasks: cis_4.2.2.x.yml when: rhel9cis_syslog == 'journald' - name: "SECTION | 4.2.3 | Configure logile perms" - import_tasks: cis_4.2.3.yml + ansible.builtin.import_tasks: cis_4.2.3.yml - name: "SECTION | 4.3 | Configure logrotate" - import_tasks: cis_4.3.yml + ansible.builtin.import_tasks: cis_4.3.yml diff --git a/tasks/section_5/main.yml b/tasks/section_5/main.yml index b7db859..5aed1c1 100644 --- a/tasks/section_5/main.yml +++ b/tasks/section_5/main.yml @@ -3,24 +3,24 @@ # Access, Authentication, and Authorization - name: "SECTION | 5.1 | Configure time-based job schedulers" - import_tasks: cis_5.1.x.yml + ansible.builtin.import_tasks: cis_5.1.x.yml - name: "SECTION | 5.2 | Configure SSH Server" - include_tasks: cis_5.2.x.yml + ansible.builtin.import_tasks: cis_5.2.x.yml when: - "'openssh-server' in ansible_facts.packages" - name: "SECTION | 5.3 | Configure privilege escalation" - include_tasks: cis_5.3.x.yml + ansible.builtin.import_tasks: cis_5.3.x.yml - name: "SECTION | 5.4 | Configure authselect" - import_tasks: cis_5.4.x.yml + ansible.builtin.import_tasks: cis_5.4.x.yml - name: "SECTION | 5.5 | Configure PAM " - import_tasks: cis_5.5.x.yml + ansible.builtin.import_tasks: cis_5.5.x.yml - name: "SECTION | 5.6.1.x | Shadow Password Suite Parameters" - import_tasks: cis_5.6.1.x.yml + ansible.builtin.import_tasks: cis_5.6.1.x.yml - name: "SECTION | 5.6.x | Misc. User Account Settings" - import_tasks: cis_5.6.x.yml + ansible.builtin.import_tasks: cis_5.6.x.yml diff --git a/tasks/section_6/main.yml b/tasks/section_6/main.yml index b6acabf..35328e5 100644 --- a/tasks/section_6/main.yml +++ b/tasks/section_6/main.yml @@ -1,7 +1,7 @@ --- - name: "SECTION | 6.1 | System File Permissions" - import_tasks: cis_6.1.x.yml + ansible.builtin.import_tasks: cis_6.1.x.yml - name: "SECTION | 6.2 | User and Group Settings" - import_tasks: cis_6.2.x.yml + ansible.builtin.import_tasks: cis_6.2.x.yml