colin
/
UBUNTU24-CIS
mirror of https://github.com/ansible-lockdown/UBUNTU24-CIS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated logic thanks to @UZziell #40 

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2025-05-12 17:08:31 +01:00
parent fac8eb7e02
commit 1ec17228ff
No known key found for this signature in database
GPG Key ID: 997FF7FE93AEB5B9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tasks/section_2/cis_2.3.3.x.yml
View File

@ -15,9 +15,9 @@
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}.j2" src: "{{ item }}.j2"
dest: "/{{ item }}" dest: "/{{ item }}"
mode: 'go-r' mode: 'g=r,o-rwx'
owner: root owner: root
group: root group: "{% if ubtu24cis_rule_2_3_3_2 %}_chrony{% else %}root{% endif %}"
loop: loop:
- etc/chrony/sources.d/pool.sources - etc/chrony/sources.d/pool.sources
- etc/chrony/sources.d/server.sources - etc/chrony/sources.d/server.sources