RHEL9-CIS

Author	SHA1	Message	Date
Mark Bolwell	d5065c1a82	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:53 +01:00
Mark Bolwell	2bf95bf3da	default mask nftable for firewalld Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:42 +01:00
Mark Bolwell	32c409cb48	reorder 3.4.1.2 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:21 +01:00
Mark Bolwell	96abe45eb2	fix template path Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:06 +01:00
Mark Bolwell	0ef9e990cc	tidy and fix titles Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 08:48:53 +01:00
Mark Bolwell	d9b807c325	change lineinfile to path Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 08:45:11 +01:00
Mark Bolwell	3d5fd41ed8	pam vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:31:02 +01:00
Mark Bolwell	223254b5c9	rewrite Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:30:52 +01:00
Mark Bolwell	b3a6f89ae0	lint Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:30:40 +01:00
Mark Bolwell	2eeccbdc69	fixed regex Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:30:14 +01:00
Mark Bolwell	9a0ac22331	fix tag typo Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 16:20:27 +01:00
Mark Bolwell	e03f7194ff	added validate Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 16:16:31 +01:00
Mark Bolwell	790db75501	added validate & typo fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 16:12:47 +01:00
Mark Bolwell	ca24e923c4	updated template names Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 16:07:59 +01:00
Mark Bolwell	49760449d0	netwokr protocol template Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:15:54 +01:00
Mark Bolwell	842b295ecf	firewall pkg control - prefer log capture Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:15:40 +01:00
Mark Bolwell	adcc647dd4	masked or removal options Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:14:59 +01:00
Mark Bolwell	b4eefdbdd3	2.2.18 update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:14:24 +01:00
Mark Bolwell	fef891dc1b	tidy up sysctl templates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:14:13 +01:00
Mark Bolwell	8b8aef291b	updated masked options Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 14:40:58 +01:00
Mark Bolwell	4dfacd9e3b	updated server/service vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 12:50:41 +01:00
Mark Bolwell	39780562c1	section 1 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 12:07:07 +01:00
Mark Bolwell	bfbcede072	fixed tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 17:19:52 +01:00
Mark Bolwell	2d21f8a98e	tidy up vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 17:09:53 +01:00
Mark Bolwell	2565df6047	removed notauto var as not used Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 16:41:05 +01:00
Mark Bolwell	a7403f860f	removed travis variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 16:37:24 +01:00
Mark Bolwell	f0c4701dbd	updated controls Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 15:26:13 +01:00
Mark Bolwell	19a218390d	updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 16:34:33 +01:00
Mark Bolwell	c6caa90059	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 16:18:11 +01:00
Mark Bolwell	398bc5bd0c	renamed and updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 13:55:04 +01:00
Mark Bolwell	d65bb7f257	renamed and updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 13:54:47 +01:00
Mark Bolwell	35db8136b5	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:55:03 +01:00
Mark Bolwell	555e443dec	renamd updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:49:23 +01:00
Mark Bolwell	e043274c34	updated netwokr sysctl rules Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:48:50 +01:00
Mark Bolwell	42410b4cd0	added ipv6 rules template Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:37:10 +01:00
Mark Bolwell	c85e9ba43f	updated ipv6 rules Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:36:36 +01:00
Mark Bolwell	8c79bfe7fb	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:22:30 +01:00
Mark Bolwell	dc5f71d461	removed not required files Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:09:55 +01:00
Mark Bolwell	f808f30173	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:08:18 +01:00
Mark Bolwell	efdcb0b6f5	section_1 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 11:02:30 +01:00
Mark Bolwell	c96271ea7a	update section1_2 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 09:42:12 +01:00
uk-bolly	ac744cb5ae	Collections (#7 ) * added collections requiremenst for tower integration Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added crypto & posix Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed older files Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated workflow uses rocky8 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated ansible ver Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated discord info Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-02 13:19:54 +00:00
George Nalen	79cc69e3d9	Merge pull request #6 from ansible-lockdown/5.4.1_typo 5.4.1 fixed thanks to cf-sewe	2022-02-07 11:03:10 -08:00
George Nalen	c333a085b5	updated gitrepo path in workflows Signed-off-by: George Nalen <georgen@mindpointgroup.com>	2022-02-07 13:43:56 -05:00
Mark Bolwell	e6d129914e	updated to use rocky image Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-07 16:49:28 +00:00
Mark Bolwell	59e22e8600	fixed thanks to cf-sewe Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-07 16:44:41 +00:00
uk-bolly	9db4b7fd81	Improvements (#5 ) * container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added github templates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated layout Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added .github ignore again Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-02 11:34:50 +00:00
uk-bolly	02a36f7f8d	Fix in logic for Alma (#4 ) * container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed reboot var Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed skip_reboot var name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * masked only Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * remove debug update logic 6.2.8 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed CentOS Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-02 11:25:03 +00:00
Mark Bolwell	876ac290d5	update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 16:51:23 +00:00
Mark Bolwell	54f4e0b4b8	boolean variable true/false Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 16:51:17 +00:00

... 5 6 7 8 9

420 commits