Compare commits
	
		
			4 Commits
		
	
	
		
			e7d62e81e1
			...
			4b0c43e47b
		
	
	| Author | SHA1 | Date | 
|---|---|---|
|  rronneburger | 4b0c43e47b | |
|  uk-bolly | b631e9e2d6 | |
| ![pre-commit-ci[bot]](/assets/img/avatar_default.png) pre-commit-ci[bot] | 777971e29f | |
|  Ralf Ronneburger | fe8c656c3c | 
|  | @ -41,12 +41,12 @@ repos: | ||||||
|   - id: detect-secrets |   - id: detect-secrets | ||||||
| 
 | 
 | ||||||
| - repo: https://github.com/gitleaks/gitleaks | - repo: https://github.com/gitleaks/gitleaks | ||||||
|   rev: v8.24.3 |   rev: v8.25.1 | ||||||
|   hooks: |   hooks: | ||||||
|   - id: gitleaks |   - id: gitleaks | ||||||
| 
 | 
 | ||||||
| - repo: https://github.com/ansible-community/ansible-lint | - repo: https://github.com/ansible-community/ansible-lint | ||||||
|   rev: v25.2.1 |   rev: v25.4.0 | ||||||
|   hooks: |   hooks: | ||||||
|   - id: ansible-lint |   - id: ansible-lint | ||||||
|     name: Ansible-lint |     name: Ansible-lint | ||||||
|  | @ -65,7 +65,7 @@ repos: | ||||||
|     # - ansible-core>=2.10.1 |     # - ansible-core>=2.10.1 | ||||||
| 
 | 
 | ||||||
| - repo: https://github.com/adrienverge/yamllint.git | - repo: https://github.com/adrienverge/yamllint.git | ||||||
|   rev: v1.37.0  # or higher tag |   rev: v1.37.1  # or higher tag | ||||||
|   hooks: |   hooks: | ||||||
|   - id: yamllint |   - id: yamllint | ||||||
|     name: Check YAML Lint |     name: Check YAML Lint | ||||||
|  |  | ||||||
|  | @ -12,6 +12,12 @@ | ||||||
|     mode: 'go-w' |     mode: 'go-w' | ||||||
|     state: directory |     state: directory | ||||||
| 
 | 
 | ||||||
|  | - name: Pre Audit Setup | Ensure existence of {{ audit_log_dir }} | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: "{{ audit_log_dir }}" | ||||||
|  |     mode: 'go-w' | ||||||
|  |     state: directory | ||||||
|  | 
 | ||||||
| - name: Pre Audit Setup | If using git for content set up | - name: Pre Audit Setup | If using git for content set up | ||||||
|   when: audit_content == 'git' |   when: audit_content == 'git' | ||||||
|   block: |   block: | ||||||
|  |  | ||||||
|  | @ -19,6 +19,21 @@ | ||||||
|     regexp: nologin |     regexp: nologin | ||||||
|     replace: "" |     replace: "" | ||||||
| 
 | 
 | ||||||
|  | - name: "5.4.3.2 | PATCH | Remove old content from {{ ubtu24cis_shell_session_file }} before adding new lines" | ||||||
|  |   when: | ||||||
|  |     - ubtu24cis_rule_5_4_3_2 | ||||||
|  |   tags: | ||||||
|  |     - level1-server | ||||||
|  |     - level1-workstation | ||||||
|  |     - patch | ||||||
|  |     - shell | ||||||
|  |     - rule_5.4.3.2 | ||||||
|  |     - NIST800-53R5_NA | ||||||
|  |   ansible.builtin.replace: | ||||||
|  |     path: "{{ ubtu24cis_shell_session_file }}" | ||||||
|  |     regexp: '# Logout Timeout\nexport TMOUT=0\nreadonly TMOUT\n' | ||||||
|  |     replace: '# Logout Timeout\n' | ||||||
|  | 
 | ||||||
| - name: "5.4.3.2 | PATCH | Ensure default user shell timeout is configured" | - name: "5.4.3.2 | PATCH | Ensure default user shell timeout is configured" | ||||||
|   when: |   when: | ||||||
|     - ubtu24cis_rule_5_4_3_2 |     - ubtu24cis_rule_5_4_3_2 | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue