Skip to content

Patch 1 - A small PR to fix some typos found while using Redhat-8 cis-security script #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bibingeor1986 wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Patch 1 - A small PR to fix some typos found while using Redhat-8 cis-security script #83

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7a53957
Create typo-fix
bibingeor1986 Mar 25, 2024
2aa0ba6
redhat-8-type: Fix typo in 5.2.7
bibingeor1986 Mar 25, 2024
af496fe
redhat-8-type: Fix typo in 6.1.13
bibingeor1986 Mar 25, 2024
5eeba13
redhat-8-type: Fix typo in 4.2.2.1.4
bibingeor1986 Mar 25, 2024
4688676
redhat-8-type: Fix typo in 4.2.1.7 & fix tags for CIS 2.0.0 rules 1.1…
bibingeor1986 Apr 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions roles/cis_security/tasks/type-files/redhat-8-type.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -539,17 +539,17 @@
# Turn off and disable the autofs service using the service module.
# We check to see if the package that autofs belongs to (convienently called autofs)
# exists in the ansible_facts.packages list we gathered early in the play
- name: 1.1.22 - disable automounting
- name: 1.1.9 - disable automounting
ansible.builtin.systemd:
name: autofs
enabled: false
state: stopped
masked: true
when: "'autofs' in ansible_facts.packages"
tags:
- 1.1.22
- 1.1.9

- name: 1.1.23 - Disable USB storage module
- name: 1.1.10 - Disable USB storage module
ansible.builtin.lineinfile:
dest: /etc/modprobe.d/CIS.conf
line: "install usb-storage /bin/true"
Expand All @@ -559,7 +559,7 @@
group: root
mode: 0644
tags:
- 1.1.23
- 1.1.10

# Control 1.2.1 is system updating. Make sure system is set for some kind of system software update

Expand Down Expand Up @@ -2281,7 +2281,7 @@
# Control 4.2.1.6 - Ensure rsyslog is configured to send logs to a remote log host is machine dependent
# skipping

- name: 4.2.1.7 - Ensure remote rsyslog messages are only acepted on designated log hosts
- name: 4.2.1.7 - Ensure remote rsyslog messages are only accepted on designated log hosts
tags:
- 4.2.1.7
block:
Expand Down Expand Up @@ -2367,7 +2367,7 @@
tags:
- 4.2.2.1.4

- name: 4.2.2.1.4 Ensure jorunald service is masked
- name: 4.2.2.1.4 Ensure journald service is masked
ansible.builtin.systemd:
name: systemd-journal-remote.service
enabled: false
Expand Down Expand Up @@ -2652,7 +2652,7 @@
tags:
- 5.2.6

- name: 5.2.7 - Ensure PermitRootLogin is disbled
- name: 5.2.7 - Ensure PermitRootLogin is disabled
ansible.builtin.lineinfile:
path: /etc/ssh/sshd_config
line: "PermitRootLogin no"
Expand Down Expand Up @@ -3169,7 +3169,7 @@

- name: 6.1.13 - Print any ungrouped files found
ansible.builtin.debug:
msg: "ungrouped files found: {{ uo_files.stdout }}"
msg: "ungrouped files found: {{ ug_files.stdout }}"
changed_when: true
when: ug_files.stdout

Expand Down