sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

new option to 6_2_16 not follow symlinks

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2023-02-14 08:54:21 +00:00
parent 32e795d68d
commit e5ce163fcf
No known key found for this signature in database
GPG key ID: 1DE02A772D0908F9
3 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
defaults/main.yml
View file

@ -653,8 +653,14 @@ rhel9cis_rpm_audit_file: /var/tmp/rpm_file_check
# RHEL-09_6.1.10 Allow ansible to adjust world-writable files. False will just display world-writable files, True will remove world-writable
rhel9cis_no_world_write_adjust: true
rhel9cis_passwd_label: "{{ (this_item | default(item)).id }}: {{ (this_item | default(item)).dir }}"
# 6.2.9
rhel9cis_dotperm_ansiblemanaged: true
# 6.2.16
## Dont follow symlinks for changes to user home directory thanks to @dulin-gnet and comminty for rhel8-cis reedbacj
rhel_09_6_2_16_home_follow_symlinks: false
#### Goss Configuration Settings ####
# Set correct env for the run_audit.sh script from https://github.com/ansible-lockdown/{{ benchmark }}-Audit.git"
audit_run_script_environment: