sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

tss user and spacing

Browse source 
Signed-off-by: Kristian <kris9854@gmail.com>
This commit is contained in:
Kristian 2022-09-27 17:15:49 +02:00
parent 5098beec03
commit fc407f8329
No known key found for this signature in database
GPG key ID: CB341F6A0D2D2A3C
8 changed files with 12 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tasks/section_6/cis_6.1.x.yml
View file

@ -96,7 +96,7 @@
- permissions
- rule_6.1.4
- name: "6.1.5 | PATCH | Ensure permissions on /etc/group are configured"
- name: "6.1.5 | PATCH | Ensure permissions on /etc/group are configured"
file:
dest: /etc/group-
owner: root
@ -299,7 +299,7 @@
loop_control:
label: "{{ item.mount }}"
- name: "6.1.14 | AUDIT | Audit SUID executables | Alert no SUID executables exist"
- name: "6.1.14 | AUDIT | Audit SUID executables | Alert no SUID executables exist"
debug:
msg: "Good news! We have not found any SUID executable files on your system"
failed_when: false
@ -307,7 +307,7 @@
when:
- rhel_08_6_1_14_perms_results.stdout is not defined
- name: "6.1.14 | AUDIT | Audit SUID executables | Alert SUID executables exist"
- name: "6.1.14 | AUDIT | Audit SUID executables | Alert SUID executables exist"
debug:
msg: "Manual intervention is required -- SUID set on items in {{ item.item.mount }}: {{ item.stout_lines | join(', ') }}"
with_items: "{{ rhel_08_6_1_14_perms_results.stdout_lines }}"
@ -334,7 +334,7 @@
loop_control:
label: "{{ item.mount }}"
- name: "6.1.15 | AUDIT | Audit SGID executables | Alert no SGID executables exist"
- name: "6.1.15 | AUDIT | Audit SGID executables | Alert no SGID executables exist"
debug:
msg: "Good news! We have not found any SGID executable files on your system"
failed_when: false
@ -342,7 +342,7 @@
when:
- rhel_08_6_1_15_perms_results.stdout is not defined
- name: "6.1.15 | AUDIT | Audit SGID executables | Alert SGID executables exist"
- name: "6.1.15 | AUDIT | Audit SGID executables | Alert SGID executables exist"
debug:
msg: "Manual intervention is required -- SGID set on items in {{ item.item.mount }}: {{ item.stout_lines | join(', ') }}"
with_items: "{{ rhel_08_6_1_15_perms_results.stdout_lines }}"