ansible-collection-hardening/tasks/limits.yml

---

- name: create limits.d-directory if it does not exist | sysctl-31a, sysctl-31b
  file:
    path: '/etc/security/limits.d'
    owner: 'root'
    group: 'root'
    mode: '0755'
    state: 'directory'
  when: 'os_security_kernel_enable_core_dump'

- name: create sane limits.conf | sysctl-31a, sysctl-31b
  template:
    src: 'limits.conf.j2'
    dest: '/etc/security/limits.d/10.hardcore.conf'
    owner: 'root'
    group: 'root'
    mode: '0440'
  when: 'os_security_kernel_enable_core_dump'
Add separated files 2015-05-26 19:53:55 +00:00			`---`
Create limits.d-directory if it does not exist. See [here](https://github.com/hardening-io/chef-os-hardening/issues/84). 2015-07-13 18:18:13 +00:00
style update 2017-08-04 19:45:04 +00:00			`- name: create limits.d-directory if it does not exist \| sysctl-31a, sysctl-31b`
			`file:`
			`path: '/etc/security/limits.d'`
			`owner: 'root'`
			`group: 'root'`
			`mode: '0755'`
			`state: 'directory'`
			`when: 'os_security_kernel_enable_core_dump'`
Create limits.d-directory if it does not exist. See [here](https://github.com/hardening-io/chef-os-hardening/issues/84). 2015-07-13 18:18:13 +00:00
style update 2017-08-04 19:45:04 +00:00			`- name: create sane limits.conf \| sysctl-31a, sysctl-31b`
			`template:`
			`src: 'limits.conf.j2'`
			`dest: '/etc/security/limits.d/10.hardcore.conf'`
			`owner: 'root'`
			`group: 'root'`
			`mode: '0440'`
			`when: 'os_security_kernel_enable_core_dump'`