-
Notifications
You must be signed in to change notification settings - Fork 303
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
- Loading branch information
Showing
7 changed files
with
117 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,33 +1,43 @@ | ||
| --- | ||
|
|
||
| - name: "SECTION | 1.1.1 | FileSystem Configurations" | ||
| ansible.builtin.import_tasks: cis_1.1.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.1.1.x.yml | ||
|
|
||
| - name: "SECTION | 1.1 | Partition Configurations" | ||
| ansible.builtin.import_tasks: cis_1.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.1.x.yml | ||
|
|
||
| - name: "SECTION | 1.2 | Configure Software Updates" | ||
| ansible.builtin.import_tasks: cis_1.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.2.x.yml | ||
|
|
||
| - name: "SECTION | 1.3 | Filesystem Integrity" | ||
| ansible.builtin.import_tasks: cis_1.3.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.3.x.yml | ||
| when: rhel7cis_config_aide | ||
|
|
||
| - name: "SECTION | 1.4 | Secure Boot Settings" | ||
| ansible.builtin.import_tasks: cis_1.4.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.4.x.yml | ||
|
|
||
| - name: "SECTION | 1.5 | Additional Process Hardening" | ||
| ansible.builtin.import_tasks: cis_1.5.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.5.x.yml | ||
|
|
||
| - name: "SECTION | 1.6 | Mandatory Access Control" | ||
| ansible.builtin.import_tasks: cis_1.6.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.6.x.yml | ||
| when: not rhel7cis_selinux_disable | ||
|
|
||
| - name: "SECTION | 1.7 | Warning Banners" | ||
| ansible.builtin.import_tasks: cis_1.7.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.7.x.yml | ||
|
|
||
| - name: "SECTION | 1.8 | GDM Login" | ||
| ansible.builtin.import_tasks: cis_1.8.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.8.x.yml | ||
|
|
||
| - name: "SECTION | 1.9 | Updated and Patches" | ||
| ansible.builtin.import_tasks: cis_1.9.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_1.9.x.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,16 +1,21 @@ | ||
| --- | ||
|
|
||
| - name: "SECTION | 2.1 | inetd Services" | ||
| ansible.builtin.import_tasks: cis_2.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_2.1.x.yml | ||
|
|
||
| - name: "SECTION | 2.2.1 | Time Synchronization" | ||
| ansible.builtin.import_tasks: cis_2.2.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_2.2.1.x.yml | ||
|
|
||
| - name: "SECTION | 2.2 | Special Purpose Services" | ||
| ansible.builtin.import_tasks: cis_2.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_2.2.x.yml | ||
|
|
||
| - name: "SECTION | 2.3 | Service Clients" | ||
| ansible.builtin.import_tasks: cis_2.3.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_2.3.x.yml | ||
|
|
||
| - name: "SECTION | 2.4 | Nonessential Services" | ||
| ansible.builtin.import_tasks: cis_2.4.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_2.4.x.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,16 +1,21 @@ | ||
| --- | ||
|
|
||
| - name: "SECTION | 4.1| Configure System Accounting (auditd)" | ||
| ansible.builtin.import_tasks: cis_4.1.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_4.1.1.x.yml | ||
|
|
||
| - name: "SECTION | 4.1.2.x| Configure Data Retention" | ||
| ansible.builtin.import_tasks: cis_4.1.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_4.1.2.x.yml | ||
|
|
||
| - name: "SECTION | 4.2.x| Configure Logging" | ||
| ansible.builtin.import_tasks: cis_4.2.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_4.2.1.x.yml | ||
|
|
||
| - name: "SECTION | 4.2.2.x| Configure journald" | ||
| ansible.builtin.import_tasks: cis_4.2.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_4.2.2.x.yml | ||
|
|
||
| - name: "SECTION | 4.2.x | logfile configuration" | ||
| ansible.builtin.import_tasks: cis_4.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_4.2.x.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,25 +1,33 @@ | ||
| --- | ||
|
|
||
| - name: "SECTION | 5.1 | Configure time-based job schedulers" | ||
| ansible.builtin.import_tasks: cis_5.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.1.x.yml | ||
|
|
||
| - name: "SECTION | 5.2 | Configure Sudo" | ||
| ansible.builtin.import_tasks: cis_5.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.2.x.yml | ||
|
|
||
| - name: "SECTION | 5.3 | Configure SSH Server" | ||
| ansible.builtin.import_tasks: cis_5.3.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.3.x.yml | ||
|
|
||
| - name: "SECTION | 5.4 | Configure PAM" | ||
| ansible.builtin.import_tasks: cis_5.4.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.4.x.yml | ||
|
|
||
| - name: "SECTION | 5.5.1 | Set Shadow Password Suite Parameters" | ||
| ansible.builtin.import_tasks: cis_5.5.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.5.1.x.yml | ||
|
|
||
| - name: "SECTION | 5.5 | User Accounts and Environment" | ||
| ansible.builtin.import_tasks: cis_5.5.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.5.x.yml | ||
|
|
||
| - name: "SECTION | 5.6 | User Accounts and Environment" | ||
| ansible.builtin.import_tasks: cis_5.6.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.6.yml | ||
|
|
||
| - name: "SECTION | 5.7 | User Accounts and Environment" | ||
| ansible.builtin.import_tasks: cis_5.7.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_5.7.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,9 @@ | ||
| --- | ||
|
|
||
| - name: "SECTION | 6.1 | System File Permissions" | ||
| ansible.builtin.import_tasks: cis_6.1.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_6.1.x.yml | ||
|
|
||
| - name: "SECTION | 6.2 | User and Group Settings" | ||
| ansible.builtin.import_tasks: cis_6.2.x.yml | ||
| ansible.builtin.import_tasks: | ||
| file: cis_6.2.x.yml |