-
Notifications
You must be signed in to change notification settings - Fork 165
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #134 from ansible-lockdown/devel
New Benchmark updates and issue fixes Signed-off-by: George Nalen <[email protected]>
- Loading branch information
Showing
66 changed files
with
1,174 additions
and
781 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
name: Report Issue | ||
about: Create a bug issue ticket to help us improve | ||
title: '' | ||
labels: bug | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Describe the Issue** | ||
A clear and concise description of what the bug is. | ||
|
||
**Expected Behavior** | ||
A clear and concise description of what you expected to happen. | ||
|
||
**Actual Behavior** | ||
A clear and concise description of what's happening. | ||
|
||
**Control(s) Affected** | ||
What controls are being affected by the issue | ||
|
||
**Environment (please complete the following information):** | ||
- Ansible Version: [e.g. 2.10] | ||
- Host Python Version: [e.g. Python 3.7.6] | ||
- Ansible Server Python Version: [e.g. Python 3.7.6] | ||
- Additional Details: | ||
|
||
**Additional Notes** | ||
Anything additional goes here | ||
|
||
**Possible Solution** | ||
Enter a suggested fix here |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
--- | ||
name: Feature Request or Enhancement | ||
about: Suggest an idea for this project | ||
title: '' | ||
labels: enhancement | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Feature Request or Enhancement** | ||
- Feature [] | ||
- Enhancement [] | ||
|
||
**Summary of Request** | ||
A clear and concise description of what you want to happen. | ||
|
||
**Describe alternatives you've considered** | ||
A clear and concise description of any alternative solutions or features you've considered. | ||
|
||
**Suggested Code** | ||
Please provide any code you have in mind to fulfill the request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
--- | ||
name: Question | ||
about: Ask away....... | ||
title: '' | ||
labels: question | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Question** | ||
Pose question here. | ||
|
||
**Environment (please complete the following information):** | ||
- Ansible Version: [e.g. 2.10] | ||
- Host Python Version: [e.g. Python 3.7.6] | ||
- Ansible Server Python Version: [e.g. Python 3.7.6] | ||
- Additional Details: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
**Overall Review of Changes:** | ||
A general description of the changes made that are being requested for merge | ||
|
||
**Issue Fixes:** | ||
Please list (using linking) any open issues this PR addresses | ||
|
||
**Enhancements:** | ||
Please list any enhancements/features that are not open issue tickets | ||
|
||
**How has this been tested?:** | ||
Please give an overview of how these changes were tested. If they were not please use N/A | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,47 +1,68 @@ | ||
# Changes to rhel8CIS | ||
|
||
## 1.3.1 | ||
- CIS 1.0.1 updates | ||
- Added Issue and PR templates | ||
- Added better reboot logic | ||
- Added options to ensure idempotence | ||
- Enhanced flush handlers | ||
- Typo fixes | ||
- mount check improvements | ||
- Linting fixes | ||
- Added systemd tmp mount | ||
- Added systemd tmpfs block | ||
- #110 tmp.mount support | ||
- thanks to @erpadmin | ||
|
||
|
||
## 1.3 | ||
|
||
- extentions to LE audit capability | ||
- more lint and layout changes | ||
- sugroup assertion added 5.7 | ||
- added extra logic variable to authselect/config section 5.3 related | ||
- AlmaLinux and Rocky tested (comments in readme - also rsyslog installed at build or will fail) | ||
- section 1.1 mount work has been rewritten and systemd tmp mount options added | ||
|
||
## 1.2.3 | ||
|
||
- #117 sugroup enhancements | ||
- thanks to @ihotz | ||
- #112 use of dnf module not shell | ||
- thanks to @wolskie | ||
|
||
## 1.2.2 | ||
|
||
- #33 mkgrub missing variable issues - efi and bios path resolution | ||
- thanks to mrampant & mickey1928geo | ||
- thanks to @mrampant & @mickey1928geo | ||
- #102 2.2.2 xorg pkg removal extended | ||
- thanks to RosarioVinoth | ||
- thanks to @RosarioVinoth | ||
- #104 5.4.1 pwquality logic | ||
- thanks to RosarioVinoth | ||
- thanks to @RosarioVinoth | ||
- #107 Idempotence improvement for 4.1.1.3 and 4.1.1.4 | ||
- thanks to andreyzher | ||
|
||
- thanks to @andreyzher | ||
- lint changes and updates to sync with ansible-galaxy | ||
|
||
## v1.2.1 | ||
|
||
- bootloader and default variables | ||
- empty strings lint updates | ||
|
||
### 87 | ||
|
||
- #87 | ||
- rule 6.1.1 - audit only - outputs file discrepancies to {{ rhel8cis_rpm_audit_file }} | ||
|
||
### 88 | ||
|
||
- #88 | ||
- checkmode_improvements added to relevant tasks | ||
|
||
### PR #96 | ||
|
||
- PR #96 | ||
- crypto policy idempotency | ||
|
||
## v1.2.0 | ||
|
||
### 86 | ||
|
||
- #86 | ||
- Adding on the goss auditing tool | ||
- remove deprecated warnings | ||
- format and layout | ||
- general improvements | ||
- readme updates | ||
- use ansible package_facts | ||
|
||
### 90 | ||
|
||
- #90 | ||
- cis fix - nfs-server not nfs | ||
- Thanks to danderemer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.