infrastructure/mono-infrastructure
7
0
Fork 0
mirror of https://github.com/rocky-linux/infrastructure synced 2024-06-01 11:20:16 +00:00
Code Issues Projects Releases Wiki Activity

fix hardening

Browse Source
This commit is contained in:
nazunalika 2021-01-21 15:05:35 -07:00
parent a283fd378f
commit d20f9a5e61
Signed by: label
GPG Key ID: CB6D9706D138D190
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ansible/playbooks/tasks/authentication.yml
View File

@ -35,18 +35,18 @@
- name: Override system-auth and password-auth
copy:
src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
src: "etc/authselect/custom/sssd-rocky/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
dest: "{{ item }}"
owner: root
group: root
mode: '0644'
loop:
- /etc/authselect/custom/sssd-aoc/system-auth
- /etc/authselect/custom/sssd-aoc/password-auth
- /etc/authselect/custom/sssd-rocky/system-auth
- /etc/authselect/custom/sssd-rocky/password-auth
- name: Select New Profile
command: >
/usr/bin/authselect select custom/sssd-aoc
/usr/bin/authselect select custom/sssd-rocky
without-nullok
with-faillock
with-mkhomedir

2
ansible/playbooks/vars/ipaserver.yml Normal file
View File

@ -0,0 +1,2 @@
---
ipatype: server