forked from ansible-lockdown/RHEL9-CIS
7ec2c9bf5e
6.2.2.3 and 6.2.2.4 cause issues due to current re syntax: ^(?i)(\s*compress=) re.error: global flags not at the start of the expression at position 1 Fix removes ^ which resolves issue without affecting functionality. Signed-off-by: davidalexander83 <davidalexander83@icloud.com>
80 lines
2.5 KiB
YAML
80 lines
2.5 KiB
YAML
---
|
|
|
|
- name: "6.2.2.2 | PATCH | Ensure journald ForwardToSyslog is disabled"
|
|
when: rhel9cis_rule_6_2_2_2
|
|
tags:
|
|
- level1-server
|
|
- level2-workstation
|
|
- patch
|
|
- journald
|
|
- rule_6.2.2.2
|
|
- NIST800-53R5_AU-2
|
|
- NIST800-53R5_AU-6
|
|
- NIST800-53R5_AU-7
|
|
- NIST800-53R5_AU-12
|
|
notify: Restart journald
|
|
block:
|
|
- name: "6.2.2.2 | PATCH | Ensure journald ForwardToSyslog is disabled | Add file"
|
|
ansible.builtin.template:
|
|
src: etc/systemd/journald.conf.d/forwardtosyslog.conf.j2
|
|
dest: /etc/systemd/journald.conf.d/forwardtosyslog.conf
|
|
owner: root
|
|
group: root
|
|
mode: 'g-wx,o-rwx'
|
|
|
|
- name: "6.2.2.2 | PATCH | Ensure journald ForwardToSyslog is disabled | comment out current entries"
|
|
ansible.builtin.replace:
|
|
path: /etc/systemd/journald.conf
|
|
regexp: ^(\s*ForwardToSyslog)
|
|
replace: '#\1'
|
|
|
|
- name: "6.2.2.3 | PATCH | Ensure journald Compress is configured"
|
|
when: rhel9cis_rule_6_2_2_3
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- patch
|
|
- journald
|
|
- rule_6.2.2.3
|
|
- NIST800-53R5_AU-4
|
|
notify: Restart journald
|
|
block:
|
|
- name: "6.2.2.3 | PATCH | Ensure journald Compress is configured | Add file"
|
|
ansible.builtin.template:
|
|
src: etc/systemd/journald.conf.d/storage.conf.j2 # Added to the same file as 6.2.1.1.4
|
|
dest: /etc/systemd/journald.conf.d/storage.conf
|
|
owner: root
|
|
group: root
|
|
mode: 'g-wx,o-rwx'
|
|
|
|
- name: "6.2.2.3 | PATCH | Ensure journald Compress is configured | comment out current entries"
|
|
ansible.builtin.replace:
|
|
path: /etc/systemd/journald.conf
|
|
regexp: (?i)(\s*compress=)
|
|
replace: '#\1'
|
|
|
|
- name: "6.2.2.4 | PATCH | Ensure journald Storage is configured"
|
|
when: rhel9cis_rule_6_2_2_4
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- patch
|
|
- journald
|
|
- rule_6.2.2.4
|
|
- NIST800-53R5_AU-3
|
|
- NIST800-53R5_AU-12
|
|
notify: Restart journald
|
|
block:
|
|
- name: "6.2.2.4 | PATCH | Ensure journald Storage is configured | Add file"
|
|
ansible.builtin.template:
|
|
src: etc/systemd/journald.conf.d/storage.conf.j2
|
|
dest: /etc/systemd/journald.conf.d/storage.conf
|
|
owner: root
|
|
group: root
|
|
mode: 'g-wx,o-rwx'
|
|
|
|
- name: "6.2.2.4 | PATCH | Ensure journald Storage is configured | comment out current entries"
|
|
ansible.builtin.replace:
|
|
path: /etc/systemd/journald.conf
|
|
regexp: (?i)(\s*storage=)
|
|
replace: '#\1'
|