forked from ansible-lockdown/RHEL9-CIS
86 lines
1.8 KiB
YAML
86 lines
1.8 KiB
YAML
---
|
|
|
|
- name: "2.2.1 | PATCH | Ensure ftp client is not installed"
|
|
when:
|
|
- not rhel9cis_ftp_client
|
|
- "'ftp' in ansible_facts.packages"
|
|
- rhel9cis_rule_2_2_1
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- automated
|
|
- patch
|
|
- ftp
|
|
- NIST800-53R5_CM-7
|
|
- rule_2.2.1
|
|
ansible.builtin.package:
|
|
name: ftp
|
|
state: absent
|
|
|
|
- name: "2.2.2 | PATCH | Ensure ldap client is not installed"
|
|
when:
|
|
- not rhel9cis_openldap_clients_required
|
|
- "'openldap-clients' in ansible_facts.packages"
|
|
- rhel9cis_rule_2_2_2
|
|
tags:
|
|
- level2-server
|
|
- level2-workstation
|
|
- automated
|
|
- patch
|
|
- ldap
|
|
- NIST800-53R5_CM-7
|
|
- rule_2.2.2
|
|
ansible.builtin.package:
|
|
name: openldap-clients
|
|
state: absent
|
|
|
|
- name: "2.2.3 | PATCH | Ensure nis client is not installed"
|
|
when:
|
|
- not rhel9cis_ypbind_required
|
|
- "'ypbind' in ansible_facts.packages"
|
|
- rhel9cis_rule_2_2_3
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- automated
|
|
- patch
|
|
- nis
|
|
- NIST800-53R5_CM-7
|
|
- rule_2.2.3
|
|
ansible.builtin.package:
|
|
name: ypbind
|
|
state: absent
|
|
|
|
- name: "2.2.4 | PATCH | Ensure telnet client is not installed"
|
|
when:
|
|
- not rhel9cis_telnet_required
|
|
- "'telnet' in ansible_facts.packages"
|
|
- rhel9cis_rule_2_2_4
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- automated
|
|
- patch
|
|
- telnet
|
|
- NIST800-53R5_CM-7
|
|
- rule_2.2.4
|
|
ansible.builtin.package:
|
|
name: telnet
|
|
state: absent
|
|
|
|
- name: "2.2.5 | PATCH | Ensure TFTP client is not installed"
|
|
when:
|
|
- not rhel9cis_tftp_client
|
|
- "'tftp' in ansible_facts.packages"
|
|
- rhel9cis_rule_2_2_5
|
|
tags:
|
|
- level1-server
|
|
- level1-workstation
|
|
- automated
|
|
- patch
|
|
- tftp
|
|
- NIST800-53R5_CM-7
|
|
- rule_2.2.5
|
|
ansible.builtin.package:
|
|
name: tftp
|
|
state: absent
|