From ecfee57c6047ba6e28833ae75e128bb0d7faac79 Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Mon, 31 Mar 2025 08:38:59 +0100 Subject: [PATCH 1/4] updated workflow files Signed-off-by: Mark Bolwell --- .github/workflows/devel_pipeline_validation.yml | 3 ++- .github/workflows/main_pipeline_validation.yml | 12 +----------- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/.github/workflows/devel_pipeline_validation.yml b/.github/workflows/devel_pipeline_validation.yml index afe85e0..f61c743 100644 --- a/.github/workflows/devel_pipeline_validation.yml +++ b/.github/workflows/devel_pipeline_validation.yml @@ -7,6 +7,8 @@ types: [opened, reopened, synchronize] branches: - devel + - benchmark* + - latest paths: - '**.yml' - '**.sh' @@ -70,7 +72,6 @@ echo IAC_BRANCH=main >> $GITHUB_ENV fi - # Pull in terraform code for linux servers - name: Clone GitHub IaC plan uses: actions/checkout@v4 diff --git a/.github/workflows/main_pipeline_validation.yml b/.github/workflows/main_pipeline_validation.yml index 4a5adc9..6792a00 100644 --- a/.github/workflows/main_pipeline_validation.yml +++ b/.github/workflows/main_pipeline_validation.yml @@ -7,6 +7,7 @@ types: [opened, reopened, synchronize] branches: - main + - latest paths: - '**.yml' - '**.sh' @@ -23,17 +24,6 @@ # A workflow run is made up of one or more jobs # that can run sequentially or in parallel jobs: - # This will create messages for first time contributers and direct them to the Discord server - welcome: - runs-on: self-hosted - - steps: - - uses: actions/first-interaction@main - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - pr-message: |- - Congrats on opening your first pull request and thank you for taking the time to help improve Ansible-Lockdown! - Please join in the conversation happening on the [Discord Server](https://www.lockdownenterprise.com/discord) as well. # This workflow contains a single job that tests the playbook playbook-test: 
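Review bot: The added `- benchmark*` filter in devel_pipeline_validation.yml uses a single `*`, which in GitHub Actions branch filters does not match `/`, so a slash-separated base branch (constructed example: `benchmark/v1`) would skip this validation; use `- 'benchmark**'` if such names are intended. The pattern is also unquoted while the `paths` globs just below are quoted (`'**.yml'`), so `- 'benchmark*'` would be consistent. The `- latest` additions here and in main_pipeline_validation.yml widen which pull requests reach the pipeline, but the trigger key sits above both hunks, so it is not visible whether this is `pull_request` or `pull_request_target`. If it is the latter, more PRs reach the job's token and runner, and a comment above `branches:` should record why each branch is listed.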
From 2611117b339139b884f036940b50fccde8ffa64b Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Mon, 31 Mar 2025 08:40:25 +0100 Subject: [PATCH 2/4] Updated Signed-off-by: Mark Bolwell --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 609a095..6d9e260 100644 --- a/.gitignore +++ b/.gitignore @@ -44,5 +44,5 @@ benchparse/ # GitHub Action/Workflow files .github/ -# Precommit +# ansible-lint cache .ansible/ From 62c67740e4256e6045d1c52217c9ca11c006d60a Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Mon, 31 Mar 2025 08:41:38 +0100 Subject: [PATCH 3/4] typo fixes Signed-off-by: Mark Bolwell --- templates/audit/99_auditd.rules.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/audit/99_auditd.rules.j2 b/templates/audit/99_auditd.rules.j2 index 4c888da..0f7af4b 100644 --- a/templates/audit/99_auditd.rules.j2 +++ b/templates/audit/99_auditd.rules.j2 @@ -43,8 +43,8 @@ {{ arch_syscalls.append( syscall) }} {% endif %} {% endfor %} --a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }} -k system-locale --a always,exit -F arch=b32 -S {{ arch_syscalls|join(',') }} -k system-locale +-a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }} -k system-locale +-a always,exit -F arch=b32 -S {{ arch_syscalls|join(',') }} -k system-locale -w /etc/issue -p wa -k system-locale -w /etc/issue.net -p wa -k system-locale -w /etc/hosts -p wa -k system-locale @@ -99,7 +99,7 @@ {% endif %} {% endfor %} -a always,exit -F arch=b64 -S {{ arch_syscalls|join(',') }} -F auid>=1000 -F auid!=unset -k perm_mod -{% set syscalls = ["etxattr","lsetxattr","fsetxattr","removexattr","lremovexattr","fremovexattr"] %} +{% set syscalls = ["setxattr","lsetxattr","fsetxattr","removexattr","lremovexattr","fremovexattr"] %} {% set arch_syscalls = [] %} {% for syscall in syscalls %} {% if syscall in supported_syscalls %} From c1684508f689f0cc055011ff92d9adafb7417f9b Mon Sep 17 00:00:00 2001 
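Review bot: The `{% if syscall in supported_syscalls %}` test in the trailing context of the second hunk skips any name it does not recognise without raising an error, which is presumably how the misspelled `etxattr` went unnoticed while `setxattr` stayed out of the rendered audit rule. The corrected `{% set syscalls = [...] %}` line has nothing to guard against a repeat, so I would add a template comment above it, for example `{# names absent from supported_syscalls are skipped silently; check spelling against ausyscall --dump #}`. The loop body and the rule line that consumes this list lie outside the hunk, so the effect on the generated rules is inferred rather than seen. It is also worth verifying what `-S {{ arch_syscalls|join(',') }}` renders when every name is filtered out, since an empty `-S` argument would likely make the rule fail to load.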
From: Mark Bolwell Date: Mon, 31 Mar 2025 09:07:09 +0100 Subject: [PATCH 4/4] updated Signed-off-by: Mark Bolwell --- .github/workflows/devel_pipeline_validation.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/devel_pipeline_validation.yml b/.github/workflows/devel_pipeline_validation.yml index f61c743..10750a2 100644 --- a/.github/workflows/devel_pipeline_validation.yml +++ b/.github/workflows/devel_pipeline_validation.yml @@ -8,7 +8,6 @@ branches: - devel - benchmark* - - latest paths: - '**.yml' - '**.sh'