mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-11-25 06:31:27 +00:00
Merge pull request #576 from danielkubat/auditd
auditd moved to separate tasks file
This commit is contained in:
commit
3379f4d1eb
@ -16,8 +16,3 @@
|
||||
|
||||
- name: regenerate_auditd_rules
|
||||
command: /sbin/augenrules
|
||||
|
||||
- name: restart_auditd
|
||||
service:
|
||||
name: auditd
|
||||
state: restarted
|
||||
|
@ -33,6 +33,9 @@
|
||||
- name: Configure PAM
|
||||
import_tasks: tasks/authentication.yml
|
||||
|
||||
- name: Configure auditd
|
||||
include: tasks/auditd.yml
|
||||
|
||||
post_tasks:
|
||||
- name: Touching run file that ansible has ran here
|
||||
file:
|
||||
|
35
ansible/playbooks/tasks/auditd.yml
Normal file
35
ansible/playbooks/tasks/auditd.yml
Normal file
@ -0,0 +1,35 @@
|
||||
---
|
||||
- name: Ensure auditd is installed
|
||||
package:
|
||||
name: audit
|
||||
state: present
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Ensure auditd is enabled
|
||||
service:
|
||||
name: auditd
|
||||
enabled: true
|
||||
|
||||
- name: Ensure auditd buffer is OK
|
||||
replace:
|
||||
path: /etc/audit/rules.d/audit.rules
|
||||
regexp: '-b \d+'
|
||||
replace: '-b {{ audit_buffer }}'
|
||||
notify:
|
||||
- regenerate_auditd_rules
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Ensure collection audit rules are available
|
||||
template:
|
||||
src: "etc/audit/rules.d/collection.rules.j2"
|
||||
dest: "/etc/audit/rules.d/collection.rules"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
backup: true
|
||||
notify:
|
||||
- regenerate_auditd_rules
|
||||
tags:
|
||||
- harden
|
@ -151,39 +151,6 @@
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Auditd
|
||||
block:
|
||||
- name: Ensure auditd is installed
|
||||
package:
|
||||
name: audit
|
||||
state: present
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Ensure auditd buffer is OK
|
||||
replace:
|
||||
path: /etc/audit/rules.d/audit.rules
|
||||
regexp: '-b \d+'
|
||||
replace: '-b {{ audit_buffer }}'
|
||||
notify:
|
||||
- regenerate_auditd_rules
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Ensure collection audit rules are available
|
||||
template:
|
||||
src: "etc/audit/rules.d/collection.rules.j2"
|
||||
dest: "/etc/audit/rules.d/collection.rules"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
backup: true
|
||||
notify:
|
||||
- regenerate_auditd_rules
|
||||
- restart_auditd
|
||||
tags:
|
||||
- harden
|
||||
|
||||
- name: Disable Services
|
||||
service:
|
||||
name: "{{ item }}"
|
||||
|
Loading…
Reference in New Issue
Block a user