Updated mountpoints controls

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

handlers/main.yml

@@ -1,6 +1,149 @@
 ---
 # handlers file for RHEL9-CIS
 
+- name: "Adding options for /tmp"
+  when: not rhel9cis_tmp_svc
+  vars:
+    mount_point: '/tmp'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /tmp"
+
+- name: "Remounting /tmp"
+  vars:
+    mount_point: '/tmp'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /tmp"
+
+- name: "Remounting /tmp systemd"
+  vars:
+    mount_point: '/tmp'
+  ansible.builtin.systemd:
+    name: tmp.mount
+    state: restarted
+    daemon_reload: true
+  listen: "Remount /tmp"
+
+- name: "Adding options for /dev/shm"
+  vars:
+    mount_point: '/dev/shm'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /dev/shm"
+
+- name: "Remounting /dev/shm"
+  vars:
+    mount_point: '/dev/shm'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /dev/shm"
+
+- name: "Adding options for /home"
+  vars:
+    mount_point: '/home'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /home"
+
+- name: "Remounting /home"
+  vars:
+    mount_point: '/home'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /home"
+
+- name: "Adding options for /var"
+  vars:
+    mount_point: '/var'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /var"
+
+- name: "Remounting /var"
+  vars:
+    mount_point: '/var'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /var"
+
+- name: "Adding options for /var/tmp"
+  vars:
+    mount_point: '/var/tmp'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /var/tmp"
+
+- name: "Remounting /var/tmp"
+  vars:
+    mount_point: '/var/tmp'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /var/tmp"
+
+- name: "Adding options for /var/log"
+  vars:
+    mount_point: '/var/log'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /var/log"
+
+- name: "Remounting /var/log"
+  vars:
+    mount_point: '/var/log'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /var/log"
+
+- name: "Adding options for /var/log/audit"
+  vars:
+    mount_point: '/var/log/audit'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    src: "{{ mount_point_fs_and_options[mount_point]['src'] }}"
+    state: present
+    fstype: "{{ mount_point_fs_and_options[mount_point]['fs_type'] }}"
+    opts: "{{ mount_point_fs_and_options[mount_point]['options'] | unique | join(',') }}"
+  listen: "Remount /var/log/audit"
+
+- name: "Remounting /var/log/audit"
+  vars:
+    mount_point: '/var/log/audit'
+  ansible.posix.mount:
+    path: "{{ mount_point }}"
+    state: remounted
+  listen: "Remount /var/log/audit"
+
 - name: Reload sysctl
   ansible.builtin.shell: sysctl --system
 
@@ -31,11 +174,6 @@
     masked: false
     state: reloaded
 
-- name: Remount tmp
-  ansible.posix.mount:
-    path: /tmp
-    state: remounted
-
 - name: Update Crypto Policy
   ansible.builtin.set_fact:
     rhel9cis_full_crypto_policy: "{{ rhel9cis_crypto_policy }}{% if rhel9cis_crypto_policy_module | length > 0 %}{{ rhel9cis_crypto_policy_module }}{% endif %}"