sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Merge pull request #340 from ansible-lockdown/interactive_user_update

Browse source 
Updated variable naming for interactive_users
This commit is contained in:
uk-bolly 2025-05-28 18:42:20 +01:00 committed by GitHub
commit f70821bf7e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 74 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tasks/prelim.yml
View file

@ -31,9 +31,17 @@
- name: "PRELIM | AUDIT | Interactive Users (reformat)"
tags: always
ansible.builtin.set_fact:
prelim_interactive_usernames: "{{ prelim_interactive_users | default([]) + [dict([('username', item.split(':')[0]), ('uid', item.split(':')[1]), ('home', item.split(':')[2])])] }}"
prelim_interactive_users: "{{ prelim_interactive_users | default([]) + [dict([('username', item.split(':')[0]), ('uid', item.split(':')[1]), ('home', item.split(':')[2])])] }}"
loop: "{{ prelim_interactive_users_raw.stdout_lines }}"
- name: "PRELIM | AUDIT | Interactive User accounts home directories"
tags: always
ansible.builtin.shell: >
grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '(!index($7, "sbin/nologin") && $7 != "/bin/nologin" && $7 != "/bin/false" && $7 != "/dev/null") { print $6 }'
changed_when: false
check_mode: false
register: prelim_interactive_users_home
- name: "PRELIM | AUDIT | Interactive UIDs"
tags: always
ansible.builtin.shell: >