From a0f12f61c4fed335d42f190640d35b517c9d521c Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Mon, 4 Nov 2024 12:26:26 +0000
Subject: [PATCH 1/2] addressed #247 thanks to @angaaruriakhil

Signed-off-by: Mark Bolwell
---
 tasks/prelim.yml | 39 ++++++++++++++++++---------------------
 1 file changed, 18 insertions(+), 21 deletions(-)

diff --git a/tasks/prelim.yml b/tasks/prelim.yml
index c72db65..50d73e0 100644
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
@@ -138,28 +138,13 @@
     - always
 
 - name: "PRELIM | PATCH | Ensure auditd is installed"
-  block:
-    - name: "PRELIM | PATCH | Ensure auditd is installed"
-      ansible.builtin.package:
-        name: ['auditd', 'audispd-plugins']
-        state: present
-      when:
-        - "'auditd' not in ansible_facts.packages or
-          'auditd-plugins' not in ansible_facts.packages"
-
-    - name: "PRELIM | AUDIT | Audit conf and rules files | list files"
-      ansible.builtin.find:
-        path: /etc/audit/
-        file_type: file
-        recurse: true
-        patterns: '*.conf,*.rules'
-      register: auditd_conf_files
-
+  ansible.builtin.package:
+    name: ['auditd', 'audispd-plugins']
+    state: present
   when:
-    - ubtu22cis_rule_4_1_1_1 or
-      ubtu22cis_rule_4_1_4_5 or
-      ubtu22cis_rule_4_1_4_6 or
-      ubtu22cis_rule_4_1_4_7
+    - "'auditd' not in ansible_facts.packages or
+      'auditd-plugins' not in ansible_facts.packages"
+    - ubtu22cis_rule_4_1_1_1
   tags:
     - level2-server
     - level2-workstation
@@ -167,6 +152,18 @@
     - auditd
     - always
 
+- name: "PRELIM | AUDIT | Audit conf and rules files | list files"
+  ansible.builtin.find:
+    path: /etc/audit/
+    file_type: file
+    recurse: true
+    patterns: '*.conf,*.rules'
+  register: auditd_conf_files
+  tags:
+    - patch
+    - auditd
+    - always
+
 - name: "PRELIM | AUDIT | Check if auditd is immutable before changes"
   ansible.builtin.shell: auditctl -l | grep -c '-e 2'
   changed_when: false
From 048d1976e5d0199db1724278cf5db5a07ebe0b32 Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Mon, 4 Nov 2024 12:32:45 +0000
Subject: [PATCH 2/2] added fix for #248 thanks to @dlesaffrew
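Review bot: The new `when` on the install task checks `'auditd-plugins' not in ansible_facts.packages`, but the package the task actually installs is `audispd-plugins` (the `name:` list three lines above), so that term is true on every host and the guard never skips the task; the package call then runs on every play even when both packages are already present. Change the second term to `'audispd-plugins' not in ansible_facts.packages` so the condition matches the package being managed. This assumes `ansible_facts.packages` is populated by a `package_facts` task earlier in prelim.yml, which is outside the hunk.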
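Review bot: The relocated find task is tagged `always` and has no `when`, so it now runs even when the install task above was skipped or the host never had auditd; in that case `/etc/audit/` may not exist, and as far as I recall `ansible.builtin.find` then warns and returns an empty `files` list rather than failing, so any later task looping over `auditd_conf_files.files` (presumably the 4.1.4.x rules that the removed `when` referred to) must tolerate an empty result. That contract deserves a comment on the task, e.g. `# Unconditional so auditd_conf_files is always defined; files is empty when /etc/audit/ is absent`.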
Signed-off-by: Mark Bolwell
---
 tasks/section_6/cis_6.1.x.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tasks/section_6/cis_6.1.x.yml b/tasks/section_6/cis_6.1.x.yml
index 9c4c677..9770898 100644
--- a/tasks/section_6/cis_6.1.x.yml
+++ b/tasks/section_6/cis_6.1.x.yml
@@ -21,6 +21,8 @@
     owner: root
     group: root
     mode: '0644'
+  failed_when: discovered_file_exists.state not in '[ file, absent ]'
+  register: discovered_file_exists
   when:
     - ubtu22cis_rule_6_1_2
   tags:
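Review bot: `failed_when: discovered_file_exists.state not in '[ file, absent ]'` is a substring test against the string literal `'[ file, absent ]'`, not membership in a list; it happens to behave for the state names the file module reports, but the intended form is `failed_when: discovered_file_exists.state | default('') not in ['file', 'absent']`. The `default('')` keeps the conditional from erroring when a failure result carries no `state` key, so such a failure still surfaces as an ordinary task failure rather than a conditional-evaluation error. Since `absent` is now accepted, a missing target file passes without setting the `0644` mode, which is presumably the intent of #248 but is worth stating in a comment on the task, e.g. `# A missing file is not a failure; only the file or absent states are acceptable`. The task's module line and name are outside the hunk.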