diff --git a/tasks/section_1/cis_1.3.x.yml b/tasks/section_1/cis_1.3.x.yml index f951332..6d8efb7 100644 --- a/tasks/section_1/cis_1.3.x.yml +++ b/tasks/section_1/cis_1.3.x.yml @@ -53,7 +53,7 @@ - rule_1.3.2 - nist_sp800-53r5_AU-2 -- name: "1.3.3 | Ensure cryptographic mechanisms are used to protect the integrity of audit tools" +- name: "1.3.3 | PATCH | Ensure cryptographic mechanisms are used to protect the integrity of audit tools" ansible.builtin.blockinfile: path: /etc/aide.conf marker: "# {mark} Audit tools - CIS benchmark - Ansible-lockdown" diff --git a/tasks/section_4/cis_4.2.x.yml b/tasks/section_4/cis_4.2.x.yml index 6134cb4..345a2ca 100644 --- a/tasks/section_4/cis_4.2.x.yml +++ b/tasks/section_4/cis_4.2.x.yml @@ -1,6 +1,6 @@ --- -- name: "4.2.1 | Ensure permissions on /etc/ssh/sshd_config are configured" +- name: "4.2.1 | PATCH | Ensure permissions on /etc/ssh/sshd_config are configured" ansible.builtin.file: path: "/etc/ssh/sshd_config" owner: root diff --git a/tasks/section_4/cis_4.6.x.yml b/tasks/section_4/cis_4.6.x.yml index 88e787c..9e6e32a 100644 --- a/tasks/section_4/cis_4.6.x.yml +++ b/tasks/section_4/cis_4.6.x.yml @@ -2,7 +2,7 @@ - name: "4.6.2 | PATCH | Ensure system accounts are secured" block: - - name: "4.6.2 | Ensure system accounts are secured | Set nologin" + - name: "4.6.2 | PATCH | Ensure system accounts are secured | Set nologin" ansible.builtin.user: name: "{{ item.id }}" shell: /usr/sbin/nologin diff --git a/tasks/section_6/cis_6.2.x.yml b/tasks/section_6/cis_6.2.x.yml index c100d41..20a8dda 100644 --- a/tasks/section_6/cis_6.2.x.yml +++ b/tasks/section_6/cis_6.2.x.yml @@ -78,7 +78,7 @@ - nist_sp800-53r5_CM-7 - nist_sp800-53r5_IA-5 -- name: "6.2.4 | AUDIT Ensure no duplicate UIDs exist" +- name: "6.2.4 | AUDIT | Ensure no duplicate UIDs exist" block: - name: "6.2.4 | AUDIT | Ensure no duplicate UIDs exist | Check for duplicate UIDs" ansible.builtin.shell: "pwck -r | awk -F: '{if ($3 in uid) print $1 ; else uid[$3]}' /etc/passwd"