From 42abf5df5884dac0d29dae726ce9cf764922a945 Mon Sep 17 00:00:00 2001
From: nazunalika <tucklesepk@gmail.com>
Date: Fri, 11 Dec 2020 16:54:32 -0700
Subject: [PATCH] ansible lint fixes

---
 ansible/playbooks/tasks/harden.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ansible/playbooks/tasks/harden.yml b/ansible/playbooks/tasks/harden.yml
index b6814a7..9b36219 100644
--- a/ansible/playbooks/tasks/harden.yml
+++ b/ansible/playbooks/tasks/harden.yml
@@ -175,6 +175,7 @@
         dest: "/etc/audit/rules.d/collection.rules"
         owner: root
         group: root
+        mode: '600'
         backup: true
       notify:
         - regenerate_auditd_rules
@@ -222,6 +223,11 @@
     state: present
     regexp: ^umask
     line: "umask 027"
+    create: yes
+    owner: root
+    group: root
+    mode: '0644'
+  when: ansible_distribution_major_version == '7'
   tags:
     - harden