forked from ansible-lockdown/RHEL9-CIS
updated
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell
parent
efdcb0b6f5
commit
f808f30173
24 changed files with 769 additions and 923 deletions
|
|
@ -20,7 +20,7 @@
|
|||
vars:
|
||||
required_mount: '/var/tmp'
|
||||
when:
|
||||
- rhel9cis_rule_1_1_4_1
|
||||
- rhel8cis_rule_1_1_4_1
|
||||
tags:
|
||||
- level2-server
|
||||
- level2-workstation
|
||||
|
|
@ -39,7 +39,7 @@
|
|||
src: "{{ item.device }}"
|
||||
fstype: "{{ item.fstype }}"
|
||||
state: present
|
||||
opts: defaults,{% if rhel9cis_rule_1_1_4_2 %}noexec,{% endif %}{% if rhel9cis_rule_1_1_4_4 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_4_3 %}nosuid{% endif %}
|
||||
opts: defaults,{% if rhel8cis_rule_1_1_4_2 %}noexec,{% endif %}{% if rhel8cis_rule_1_1_4_4 %}nodev,{% endif %}{% if rhel8cis_rule_1_1_4_3 %}nosuid{% endif %}
|
||||
with_items:
|
||||
- "{{ ansible_mounts }}"
|
||||
loop_control:
|
||||
|
|
@ -48,10 +48,10 @@
|
|||
when:
|
||||
- var_tmp_mount_present is defined
|
||||
- item.mount == "/var/tmp"
|
||||
- rhel9cis_rule_1_1_4_1 # This is required so the check takes place
|
||||
- rhel9cis_rule_1_1_4_2 or
|
||||
rhel9cis_rule_1_1_4_3 or
|
||||
rhel9cis_rule_1_1_4_4
|
||||
- rhel8cis_rule_1_1_4_1 # This is required so the check takes place
|
||||
- rhel8cis_rule_1_1_4_2 or
|
||||
rhel8cis_rule_1_1_4_3 or
|
||||
rhel8cis_rule_1_1_4_4
|
||||
tags:
|
||||
- level1-server
|
||||
- level1-workstation
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue