sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity
1191 commits 2 branches 15 tags 2.5 MiB
Commit graph

549 commits

Author SHA1 Message Date
Ionut Pruteanu
b6f1703cfc
Replacing vars according to Audit needs 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-05 19:51:38 +02:00
Ionut Pruteanu
72b503bf46
Removing redundant conditional statements 
Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
 2023-12-05 14:42:51 +02:00
Senih
cce2b25d80
Update cis_5.6.1.x.yml 
Typo fixed from:
- rule_5.5.1.3
to:
- rule_5.6.1.3

Signed-off-by: Senih <40578755+senihucar@users.noreply.github.com>
 2023-11-23 12:02:37 -08:00
Mark Bolwell
23a4386e95
addition of audit_only config 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-11-21 09:49:36 +00:00
Mark Bolwell
8784941179
audit variables seperated 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-11-21 09:48:49 +00:00
root@DERVISHx
c6a51ad38a
Adding new entry in /etc/pam.d/system-auth 
Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com>
 2023-11-10 15:28:12 +00:00
Bernd Grobauer
646b4decc1
Adding missing lines to sysctl.d/50-default.conf 
Signed-off-by: Bernd Grobauer <bernd.grobauer@siemens.com>
 2023-10-12 12:56:20 +02:00
Mark Bolwell
729fac3580
updated 5.6.5 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-22 08:44:43 +01:00
Mark Bolwell
e82b2cefac
quoted file mode 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 16:25:59 +01:00
Mark Bolwell
11071a66ab
added pragma allowed 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 15:36:05 +01:00
Mark Bolwell
580ee762ee
fix filename 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 15:35:35 +01:00
Mark Bolwell
e5d17f74ca
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 15:08:37 +01:00
Mark Bolwell
c5ed197e03
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 15:07:52 +01:00
Mark Bolwell
af20f70f24
updated test 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 14:57:25 +01:00
Mark Bolwell
a67a484971
import_tasks file added 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 14:55:55 +01:00
Mark Bolwell
e202d4bd68
lint updates 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-21 14:55:00 +01:00
Mark Bolwell
d64414ce9b
updated test and control 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-18 09:51:56 +01:00
Mark Bolwell
43a339c74f
new var rhel9cis_rhel_default_repo 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-07 14:23:12 +01:00
Mark Bolwell
04cb2e0f1d
#54 merged into new layout 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-09-06 08:44:23 +01:00
Mark Bolwell
73cf599e48
removed quotes not required 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-08-10 08:28:43 +01:00
Mark Bolwell
dadeeab2c7
updated comment on rule 1.2.1 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-08-09 11:47:54 +01:00
Mark Bolwell
009c9fc498
updated audit vars naming, AMD & ARM binaries 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-28 15:16:50 +01:00
Mark Bolwell
b631459e9b
fix typo in bashrc path 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-28 15:09:52 +01:00
Mark Bolwell
81b2f06dab
updated 5.6.5 logic 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-26 17:17:45 +01:00
Mark Bolwell
c9db12b603
updated lint 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-26 16:58:33 +01:00
Mark Bolwell
0ad7bf4848
lint updates 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-26 16:50:48 +01:00
Mark Bolwell
a791c81cf2
5.5.3 fix and update 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-26 11:42:21 +01:00
Mark Bolwell
7c34f61d11
#72 improve password check 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-07-26 08:50:53 +01:00
Marco V
cfe7f8c852
Refactored the when statement layout 
Signed-off-by: Marco V <marco@osp.nl>
 2023-07-24 17:56:03 +02:00
c59099
9e8ecee964
- Added extra checks in using loop items in when statement 
- Fixed typo in handler name

Signed-off-by: Marco V <marco@osp.nl>
 2023-07-24 17:56:03 +02:00
Luca Berton
9709779492
Fix 2.2.14 
Corrected rule 2.2.14 Ensure dnsmasq is not installed (Automated).

Signed-off-by: Luca Berton <luca@ansiblepilot.com>
 2023-07-06 21:30:09 +02:00
Mark Bolwell
fe1bddf15b
typo fix 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-28 11:45:58 +01:00
Mark Bolwell
612bb01895
fixed error in assert user password set 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-28 11:34:15 +01:00
Mark Bolwell
ddec58c419
#66 5.6.5 regex improvment 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-28 10:49:55 +01:00
uk-bolly
4004b1b4c3
Merge pull request #67 from jakejellinek/patch-1 
Update cis_1.3.x.yml
 2023-06-21 08:00:38 +01:00
jakejellinek
a12c75b5b7
Update cis_1.3.x.yml 
Indentation error causing aide to not start or get validated.

Signed-off-by: jakejellinek <109655728+jakejellinek@users.noreply.github.com>
 2023-06-20 16:33:14 +01:00
Mark Bolwell
194925be2f
consistent vars and names 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-07 09:24:32 +01:00
Mark Bolwell
cc9e047196
lint 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-06 14:36:51 +01:00
Mark Bolwell
674d3417ff
rule_1.10 updates 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-06-06 14:36:38 +01:00
Mark Bolwell
c7d72b564b
4.1.3.6 command improvement 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-05-17 15:42:30 +01:00
Mark Bolwell
2da0d870c8
#57 
great catch

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-05-16 11:56:07 +01:00
Mark Bolwell
195e42e3ea
removed line and updated requirement #53 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-05-16 08:52:45 +01:00
Mark Bolwell
7c09b264a1
fixed layout 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
 2023-05-16 08:52:18 +01:00
uk-bolly
aa2c44a14f
Merge pull request #60 from jayolinares/pamConfigs_faillock 
fix https://github.com/ansible-lockdown/RHEL9-CIS/issues/58
 2023-05-12 12:00:13 +01:00
Jay Olinares
7f9b45cea3
tags added 
Signed-off-by: Jay Olinares <jay.olinares@gmail.com>
 2023-05-12 12:46:50 +10:00
uk-bolly
623d2fca61
Merge pull request #56 from drscream/fix/regex-escape 
Use correct backtick for regex escape
 2023-05-11 16:13:24 +01:00
Thomas Merkel
2380cd46c9
Use correct backtick for regex escape 
Depends on the ansible version regex escape (via slash) require correct
backticks to work. Otherwise it would result in a syntax error.

Signed-off-by: Thomas Merkel <tm@core.io>
 2023-05-04 19:40:19 +02:00
uk-bolly
021766a9b8
Merge pull request #55 from jayolinares/skipModprobe_container 
Molecule test on container is failing due to modprobe
 2023-05-04 14:32:37 +01:00
Jay Olinares
2317abd1d2
fix https://github.com/ansible-lockdown/RHEL9-CIS/issues/58 
Signed-off-by: Jay Olinares <jay.olinares@gmail.com>
 2023-05-04 11:37:57 +10:00
Stephen Williams
c20b5ed647
Merge pull request #52 from jayolinares/faillock-vars 
use var values for pam_faillock
 2023-04-26 10:57:36 -04:00