diff --git a/tasks/section_2/cis_2.2.x.yml b/tasks/section_2/cis_2.2.x.yml index 549600a..98677df 100644 --- a/tasks/section_2/cis_2.2.x.yml +++ b/tasks/section_2/cis_2.2.x.yml @@ -308,7 +308,7 @@ when: - amzn2023cis_rpc_server == "remove" - - name: "2.2.17 | PATCH | Ensure rpcbind is not installed or the rpcbind services are masked | mask service" + - name: "2.2.17 | PATCH | Ensure rpcbind is not installed or the rpcbind services are masked | mask socket" ansible.builtin.systemd: name: rpcbind.socket masked: true @@ -316,6 +316,15 @@ daemon_reload: true when: - amzn2023cis_rpc_server == "mask" + + - name: "2.2.17 | PATCH | Ensure rpcbind is not installed or the rpcbind services are masked | mask service" + ansible.builtin.systemd: + name: rpcbind.service + masked: true + state: stopped + daemon_reload: true + when: + - amzn2023cis_rpc_server == "mask" when: - "'rpcbind' in ansible_facts.packages" - amzn2023cis_rule_2_2_17