RHEL9-CIS

Author	SHA1	Message	Date
Fred W.	374b9a5dc0	Merge pull request #391 from polski-g/check_mode_1_4_2 1.4.2: grep command should run in check_mode	2025-09-10 08:51:33 -04:00
Fred W.	92bba62586	Merge pull request #385 from polski-g/check_mode_5_4_1_1 5.4.1.1: shell command should run in check_mode	2025-09-10 08:50:49 -04:00
Frederick Witty	e61cafb59b	addressed issue #387 , thank you @fragglexarmy Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-09 15:59:30 -04:00
Frederick Witty	5794114b3e	Update prelim logic to address #382 Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-09 15:12:01 -04:00
Frederick Witty	2dfa9266a8	Update cryto policy var to standard Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-08 11:54:57 -04:00
Frederick Witty	413ccb96b7	Update cryto policy based controls with improved logic Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-05 16:39:55 -04:00
Frederick Witty	b0ec6c4820	Fix for #384 , thank you @polski-g Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-05 16:24:11 -04:00
polski-g	1c9c1b919c	1.4.2: grep command should run in check_mode Signed-off-by: polski-g <polski_g@sent.at>	2025-09-03 09:55:00 -04:00
Frederick Witty	de7555aa10	Update Changelog with fixes Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-09-02 17:14:30 -04:00
polski-g	88507f9516	5.4.1.1: shell command should run in check_mode Signed-off-by: polski-g <polski_g@sent.at>	2025-08-28 13:15:29 -04:00
Mark Bolwell	f0fb701122	updated var naming on 5.4.2.5 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-15 16:10:37 +01:00
Mark Bolwell	7428f269e7	changed rsyslog to insert before line134 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-15 16:09:51 +01:00
Mark Bolwell	cddad90a23	enabled different locale characters in password check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-15 16:04:07 +01:00
Mark Bolwell	fd2bfb7437	improved prelim tests for 5.2.4 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-15 16:03:11 +01:00
Mark Bolwell	b21569c62d	added update for gdm and giu packages Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-15 16:00:36 +01:00
Michael Hicks	cfbbb3339a	renames 3 uses of ansible.builtin.systemd_service to ansible.builtin.systemd to maintain ansible 2.12+ compat. Fixes #379 Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>	2025-08-11 15:17:00 -07:00
Mark Bolwell	4b62f0fc35	Updated post steps inline with pre steps for file permissions Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-04 09:56:30 +01:00
Mark Bolwell	876e261d1f	fixed issues for permissions when using fetch thanks to @steve-hayes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-08-04 09:54:07 +01:00
uk-bolly	feb183553c	Merge pull request #367 from siemens/siemens/rhel9_v2_fixing_inconsistencies Fixing minor inconsistencies	2025-07-18 14:34:22 +01:00
Tomuta, Diana Maria (T CST SCC-RO)	b182abf2aa	Fixing inconsistencies for importing tasks from section 1. Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>	2025-07-08 16:38:12 +03:00
Tomuta, Diana Maria (T CST SCC-RO)	4329591c90	Fixing inconsistencies between rule ids in title, tags and when. Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>	2025-07-08 09:37:29 +03:00
uk-bolly	38916aeade	Merge pull request #361 from siemens/siemens/feat/rhel9_v2_fix_control_5.4.2.5 Fixing issue for Control 5.4.2.5	2025-07-04 11:35:17 +01:00
uk-bolly	1ed720e7c9	Merge pull request #360 from siemens/siemens/feat/rhel9_v2_fix_control_6.3.4.5 Fixing issue for Control 6.3.4.5	2025-07-04 11:33:11 +01:00
Tomuta, Diana Maria (T CST SCC-RO)	a556750894	Fixing issue https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/41 . Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>	2025-07-03 13:03:08 +03:00
davidalexander83	7ec2c9bf5e	Fix re.error due to (?i) not at start of re 6.2.2.3 and 6.2.2.4 cause issues due to current re syntax: ^(?i)(\s*compress=) re.error: global flags not at the start of the expression at position 1 Fix removes ^ which resolves issue without affecting functionality. Signed-off-by: davidalexander83 <davidalexander83@icloud.com>	2025-07-02 12:32:20 +10:00
Frederick Witty	23338ccd31	Addresses #318 - Thank you @kodebach & @bgro Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>	2025-06-27 11:12:07 -04:00
Diana-Maria Dumitru	ed699a50ba	Fixing issue https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/43 . Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>	2025-06-26 13:35:51 +03:00
Mark Bolwell	bd1547313a	Fix logic and notes for in crypto policy building Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-20 11:29:53 +01:00
uk-bolly	055cb35603	Merge branch 'devel' into audit_only_fetch Signed-off-by: uk-bolly <mark.bollyuk@gmail.com>	2025-06-20 11:21:28 +02:00
uk-bolly	3dfa4f7e86	Merge pull request #348 from ansible-lockdown/root_user_check root password and other improvements	2025-06-19 17:28:45 +02:00
Mark Bolwell	515d5c3bf7	added changed_when to resolve false warning message Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:48 +01:00
Mark Bolwell	908ac57db7	enabled fetch report and updated title Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-19 16:26:01 +01:00
Mark Bolwell	3173b74481	updated grep command 1.3.1.6 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 17:21:45 +01:00
Mark Bolwell	35d0bf9c4b	updated auditing conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 13:19:14 +01:00
uk-bolly	27dc592c12	Merge pull request #343 from polski-g/auditd_check_mode auditd: ensure check mode runs non-destructive call to ausyscall --dump	2025-06-16 11:15:30 +02:00
Mark Bolwell	7bef2eda62	added check_mode false Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:12:27 +01:00
Mark Bolwell	18fc4ea585	updated conditional var name and regex best practices Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:08:56 +01:00
Mark Bolwell	b2308ac310	fixed typos in logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:07:55 +01:00
Mark Bolwell	51b20d383d	Renamed variable to prelim Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:07:27 +01:00
Mark Bolwell	9f50effd30	updated logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-16 10:01:10 +01:00
Mark Bolwell	30bb04b1d4	updates root password check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-06-12 12:10:44 +01:00
Fred W.	f86803b1a7	Merge pull request #346 from ansible-lockdown/May2025Fixes Fix for #325 thank you @mindrb	2025-06-09 12:23:28 -04:00
polski-g	5226f14b3e	fetch of auditd logfile should run in check_mode Signed-off-by: polski-g <polski_g@sent.at>	2025-06-06 10:03:47 -04:00
polski-g	1bff329a05	auditd: ensure check mode runs non-destructive call to ausyscall --dump Signed-off-by: polski-g <polski_g@sent.at>	2025-06-03 11:35:05 -04:00
uk-bolly	f70821bf7e	Merge pull request #340 from ansible-lockdown/interactive_user_update Updated variable naming for interactive_users	2025-05-28 18:42:20 +01:00
Mark Bolwell	cb475d3368	fixed typo on post audit file name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 16:10:28 +01:00
Mark Bolwell	f740d89b54	Added user home discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 15:36:39 +01:00
Mark Bolwell	210535bf4f	updated loop var name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 15:36:04 +01:00
Mark Bolwell	c4070c341b	Updated logic on 7.2.9 tasks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 15:35:34 +01:00
Mark Bolwell	5dc2541731	Updated passwd variable name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-05-28 14:57:29 +01:00

1 2 3 4 5 ...

534 commits