Mark Bolwell
cddad90a23
enabled different locale characters in password check
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-08-15 16:04:07 +01:00
Mark Bolwell
fd2bfb7437
improved prelim tests for 5.2.4
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-08-15 16:03:11 +01:00
Mark Bolwell
b21569c62d
added update for gdm and gui packages
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-08-15 16:00:36 +01:00
Michael Hicks
cfbbb3339a
renames 3 uses of ansible.builtin.systemd_service to ansible.builtin.systemd to maintain ansible 2.12+ compat. Fixes #379
...
Signed-off-by: Michael Hicks <nooneofconsequence@gmail.com>
2025-08-11 15:17:00 -07:00
Mark Bolwell
4b62f0fc35
Updated post steps in line with pre steps for file permissions
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-08-04 09:56:30 +01:00
Mark Bolwell
876e261d1f
fixed issues for permissions when using fetch thanks to @steve-hayes
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-08-04 09:54:07 +01:00
uk-bolly
feb183553c
Merge pull request #367 from siemens/siemens/rhel9_v2_fixing_inconsistencies
...
Fixing minor inconsistencies
2025-07-18 14:34:22 +01:00
Tomuta, Diana Maria (T CST SCC-RO)
b182abf2aa
Fixing inconsistencies for importing tasks from section 1.
...
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
2025-07-08 16:38:12 +03:00
Tomuta, Diana Maria (T CST SCC-RO)
4329591c90
Fixing inconsistencies between rule ids in title, tags and when.
...
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
2025-07-08 09:37:29 +03:00
uk-bolly
38916aeade
Merge pull request #361 from siemens/siemens/feat/rhel9_v2_fix_control_5.4.2.5
...
Fixing issue for Control 5.4.2.5
2025-07-04 11:35:17 +01:00
uk-bolly
1ed720e7c9
Merge pull request #360 from siemens/siemens/feat/rhel9_v2_fix_control_6.3.4.5
...
Fixing issue for Control 6.3.4.5
2025-07-04 11:33:11 +01:00
Tomuta, Diana Maria (T CST SCC-RO)
a556750894
Fixing issue https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/41 .
...
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
2025-07-03 13:03:08 +03:00
davidalexander83
7ec2c9bf5e
Fix re.error due to (?i) not at start of re
...
6.2.2.3 and 6.2.2.4 cause issues due to current re syntax:
^(?i)(\s*compress=)
re.error: global flags not at the start of the expression at position 1
Fix removes ^ which resolves issue without affecting functionality.
Signed-off-by: davidalexander83 <davidalexander83@icloud.com>
2025-07-02 12:32:20 +10:00
Frederick Witty
23338ccd31
Addresses #318 - Thank you @kodebach & @bgro
...
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
2025-06-27 11:12:07 -04:00
Diana-Maria Dumitru
ed699a50ba
Fixing issue https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/43 .
...
Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
2025-06-26 13:35:51 +03:00
Mark Bolwell
bd1547313a
Fix logic and notes in crypto policy building
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-20 11:29:53 +01:00
uk-bolly
055cb35603
Merge branch 'devel' into audit_only_fetch
...
Signed-off-by: uk-bolly <mark.bollyuk@gmail.com>
2025-06-20 11:21:28 +02:00
uk-bolly
3dfa4f7e86
Merge pull request #348 from ansible-lockdown/root_user_check
...
root password and other improvements
2025-06-19 17:28:45 +02:00
Mark Bolwell
515d5c3bf7
added changed_when to resolve false warning message
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-19 16:26:48 +01:00
Mark Bolwell
908ac57db7
enabled fetch report and updated title
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-19 16:26:01 +01:00
Mark Bolwell
3173b74481
updated grep command 1.3.1.6
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 17:21:45 +01:00
Mark Bolwell
35d0bf9c4b
updated auditing conditionals
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 13:19:14 +01:00
uk-bolly
27dc592c12
Merge pull request #343 from polski-g/auditd_check_mode
...
auditd: ensure check mode runs non-destructive call to ausyscall --dump
2025-06-16 11:15:30 +02:00
Mark Bolwell
7bef2eda62
added check_mode false
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 10:12:27 +01:00
Mark Bolwell
18fc4ea585
updated conditional var name and regex best practices
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 10:08:56 +01:00
Mark Bolwell
b2308ac310
fixed typos in logic
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 10:07:55 +01:00
Mark Bolwell
51b20d383d
Renamed variable to prelim
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 10:07:27 +01:00
Mark Bolwell
9f50effd30
updated logic
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-16 10:01:10 +01:00
Mark Bolwell
30bb04b1d4
updates root password check
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-06-12 12:10:44 +01:00
Fred W.
f86803b1a7
Merge pull request #346 from ansible-lockdown/May2025Fixes
...
Fix for #325 thank you @mindrb
2025-06-09 12:23:28 -04:00
polski-g
5226f14b3e
fetch of auditd logfile should run in check_mode
...
Signed-off-by: polski-g <polski_g@sent.at>
2025-06-06 10:03:47 -04:00
polski-g
1bff329a05
auditd: ensure check mode runs non-destructive call to ausyscall --dump
...
Signed-off-by: polski-g <polski_g@sent.at>
2025-06-03 11:35:05 -04:00
uk-bolly
f70821bf7e
Merge pull request #340 from ansible-lockdown/interactive_user_update
...
Updated variable naming for interactive_users
2025-05-28 18:42:20 +01:00
Mark Bolwell
cb475d3368
fixed typo on post audit file name
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 16:10:28 +01:00
Mark Bolwell
f740d89b54
Added user home discovery
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 15:36:39 +01:00
Mark Bolwell
210535bf4f
updated loop var name
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 15:36:04 +01:00
Mark Bolwell
c4070c341b
Updated logic on 7.2.9 tasks
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 15:35:34 +01:00
Mark Bolwell
5dc2541731
Updated passwd variable name
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 14:57:29 +01:00
Mark Bolwell
d136bfa381
Updated variable naming for interactive_users
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-28 10:22:30 +01:00
uk-bolly
96d054b0d2
Merge pull request #338 from polski-g/groupgroup_typo
...
Fix typo in variable name discovered_group_check
2025-05-28 10:02:28 +01:00
uk-bolly
4b4033e072
Merge pull request #337 from polski-g/network_manager_package_name
...
Variablize network-manager package name
2025-05-28 10:01:44 +01:00
polski_g
fb9577f7d9
Fix typo in variable name discovered_group_check
...
Signed-off-by: polski-g <polski_g@sent.at>
2025-05-23 12:34:44 -04:00
polski_g
4e49532e20
Variablize network-manager package name
...
Signed-off-by: polski-g <polski_g@sent.at>
2025-05-23 12:33:55 -04:00
polski_g
f564135e72
Check for existence of sshd_config.d/50-redhat.conf before trying to modify it
...
Signed-off-by: polski-g <polski_g@sent.at>
2025-05-23 12:32:02 -04:00
Mark Bolwell
f83e5a69a2
interactive users logic improvements thanks to @polski-g
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-23 16:05:01 +01:00
Frederick Witty
0e61e796c6
Fix for #325 thank you @mindrb
...
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
2025-05-23 11:00:13 -04:00
Mark Bolwell
daf5a3f462
changed command to shell for grep
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-23 15:01:16 +01:00
Mark Bolwell
15bf03c754
added check mode logic
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-23 14:34:30 +01:00
Mark Bolwell
2b37d0d732
added check_mode logic
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-23 14:30:17 +01:00
Mark Bolwell
8d5a32bc39
added rhel9cis_rsyslog_ansiblemanage conditional
...
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-05-23 14:25:42 +01:00