---
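# Install the audit daemon. The package is called "audit" on RHEL/Fedora
# derivatives but "auditd" on Debian/Ubuntu, so the name is overridable via
# audit_package; the default keeps the original (RHEL-family) behaviour.
- name: Ensure auditd is installed
  ansible.builtin.package:
    name: "{{ audit_package | default('audit') }}"
    state: present
  tags:
    - harden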
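# Enable AND start the daemon: `enabled: true` on its own only registers the
# unit for the next boot, so a freshly provisioned host would stay unaudited
# until it is rebooted. Tagged `harden` like its siblings so a `--tags harden`
# run does not install auditd and then skip enabling it.
- name: Ensure auditd is enabled
  ansible.builtin.service:
    name: auditd
    enabled: true
    state: started
  tags:
    - harden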
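# Pin the kernel audit backlog limit (-b). The original used
# ansible.builtin.replace, which is a silent no-op when audit.rules contains
# no "-b N" line; lineinfile rewrites the existing line or adds one, so the
# configured value always ends up in the rule set. Like replace, it fails if
# the file is missing (create defaults to false) rather than inventing one.
# audit_buffer is expected to be a positive integer -- auditctl expects a
# number here when the handler reloads the rules.
- name: Ensure auditd buffer is OK
  ansible.builtin.lineinfile:
    path: /etc/audit/rules.d/audit.rules
    # Anchored so a commented-out "#-b 8192" is not mistaken for the setting.
    regexp: '^-b \d+'
    line: '-b {{ audit_buffer }}'
    # Conventional placement is right after the "-D" (flush rules) line;
    # lineinfile falls back to end-of-file when no such line exists.
    insertafter: '^-D'
  notify:
    - regenerate_auditd_rules
  tags:
    - harden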
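# Enumerate setuid/setgid binaries (-perm /6000 matches either bit) so the
# collection.rules template can watch each one. A raw find(1) is used because
# ansible.builtin.find has no permission-bit filter; the command module (not
# shell) with a fixed argument string means no shell or variable expansion.
# -xdev keeps the walk on the filesystem each listed directory lives on.
- name: Collect specific executables for dynamic list
  ansible.builtin.command: "find /usr/bin /usr/sbin /usr/lib /usr/libexec -xdev -perm /6000 -type f"
  register: exec_find_output
  # Read-only probe: never report "changed", and still run under --check so
  # the set_fact/template tasks that consume the result have their input.
  changed_when: false
  check_mode: false
  # Tagged like the consumers of exec_find_output; without this a
  # `--tags harden` run would render the template with an undefined variable.
  tags:
    - harden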
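# Expose the find(1) output as a list, one path per element, for the
# collection.rules template. Tagged like the producer and the consumer so the
# variable is defined on a `--tags harden` run.
- name: Set variable for above collection
  ansible.builtin.set_fact:
    # NOTE(review): stdout_lines splits on newlines, so a path containing a
    # newline would appear as two entries and end up as a malformed rule line;
    # the template should quote/validate entries if such names are possible.
    audit_suid_list: "{{ exec_find_output.stdout_lines }}"
  tags:
    - harden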
# Render the dynamic collection rules (the template consumes audit_suid_list
# gathered earlier in this file). Root-only 0600 keeps the exact set of
# watched paths from being readable by unprivileged users. backup: true keeps
# the previous rendering alongside the new one; NOTE(review): augenrules only
# picks up *.rules, so the "~"-suffixed backups should not be loaded -- verify
# on the target distribution.
- name: Ensure collection audit rules are available
  ansible.builtin.template:
    src: etc/audit/rules.d/collection.rules.j2
    dest: /etc/audit/rules.d/collection.rules
    mode: '0600'
    owner: root
    group: root
    backup: true
  notify: regenerate_auditd_rules
  tags: [harden]
...