Mirrors/ansible-collection-hardening
2
0
Fork 0
mirror of https://github.com/dev-sec/ansible-collection-hardening synced 2024-11-10 09:14:18 +00:00
Code Issues Projects Releases Packages Wiki Activity
240 commits 15 branches 57 tags 4.6 MiB
Commit graph

240 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sebastian Gumprich
02a475a465 Merge pull request #142 from duk3luk3/fix/no-blacklist-rsync 
Remove rsync from package blacklist
 2017-08-07 18:51:30 +02:00
Lukas Erlacher
066f423aae Remove rsync from package blacklist 
rsync was erroneously added to `os_security_packages_list` variable,
meaning it was uninstalled as a "package with known issues".

Fixes #141
 2017-08-07 23:21:51 +10:00
Sebastian Gumprich
a88ff85ec0 Merge pull request #136 from dev-sec/passwd 
add passwd task, control os-03
 2017-08-07 13:08:50 +02:00
Sebastian Gumprich
8bbd6f0f52 Update minimize_access.yml 2017-08-06 22:12:26 +02:00
Sebastian Gumprich
77fae2a742 add passwd vars 2017-08-06 21:37:26 +02:00
Sebastian Gumprich
3d59e80910 Merge branch 'master' of github.com:dev-sec/ansible-os-hardening into passwd 2017-08-06 20:39:52 +02:00
Sebastian Gumprich
f1df3a3c48 Merge pull request #134 from dev-sec/style 
style update
 2017-08-06 14:52:08 +02:00
Sebastian Gumprich
0aa330a35f Merge pull request #135 from dev-sec/prelinkt 
remove prelink package, control package-09
 2017-08-06 14:52:02 +02:00
Sebastian Gumprich
a1a1371a83 update readme 2017-08-05 21:58:29 +02:00
Sebastian Gumprich
a461deffff Merge branch 'master' into style 2017-08-05 21:46:58 +02:00
Sebastian Gumprich
8df021d3b5 update spaces, bools, trues 2017-08-05 21:43:28 +02:00
Sebastian Gumprich
09bcc0baad Merge pull request #137 from dev-sec/netrc 
new task for delete netrc files, control os-09
 2017-08-05 21:05:04 +02:00
Sebastian Gumprich
a957fb6245 style update 2017-08-04 22:23:12 +02:00
Sebastian Gumprich
9c77f82899 new task for delete netrc files 2017-08-04 21:55:59 +02:00
Sebastian Gumprich
0466917aaf add shadow task 2017-08-04 21:51:16 +02:00
Sebastian Gumprich
bb85a92ff0 remove prelink, package-09 2017-08-04 21:45:33 +02:00
Sebastian Gumprich
129f1a2314 Merge pull request #130 from fazlearefin/master 
Fix ansible.cfg and use comment filter
 2017-07-17 21:05:39 +02:00
Fazle Arefin
6cbc26040f Add comment filter to {{ansible_managed}} string 
- multiline {{ansible_managed}} strings do not get properly commented
without the comment filter (see
http://docs.ansible.com/ansible/playbooks_filters.html#comment-filter )
 2017-07-07 11:49:33 +10:00
Fazle Arefin
192046d4ac Fix ansible.cfg 
- using `%Y-%m-%d` in `ansible_managed` message is not recommended
as deploying from a new git checkout will change the `ansible_managed`
string in the template and Ansible will report the template file as changed
(see http://docs.ansible.com/ansible/intro_configuration.html#ansible-managed )
- add `scp_if_ssh` in ansible.cfg
 2017-07-07 11:48:53 +10:00
Sebastian Gumprich
cb8f952a86 update changelog 2017-06-28 16:00:41 +02:00
Sebastian Gumprich
6d21d249b9 Merge pull request #120 from dev-sec/combined_sysctl 
add more sysctl settings, allow overwriting
 2017-06-27 20:59:04 +02:00
Sebastian Gumprich
0b8e42c5c6 remove 12.04 support 2017-06-27 15:03:22 +02:00
Sebastian Gumprich
8f6d3b1800 use with_flattened and default lists 2017-06-27 12:10:32 +02:00
Sebastian Gumprich
e0e2b2a601 remove omit param in default() 2017-06-06 16:39:13 +02:00
Sebastian Gumprich
7bbd479a9a Update README.md 2017-05-28 18:31:10 +02:00
Sebastian Gumprich
5c48c74f79 add more sysctl settings, allow overwriting 2017-05-07 15:12:31 +02:00
Sebastian Gumprich
24baf2c126 Merge pull request #126 from pestaa/patch-1 
Converts set to JSON-serializable list
 2017-05-07 13:25:11 +02:00
Istvan Beregszaszi
402f9b508f Converts set to JSON-serializable list 
Fixes #125.
 2017-05-06 22:25:17 +02:00
Sebastian Gumprich
83557bb057 update package 2017-04-22 20:50:29 +02:00
Sebastian Gumprich
7fdd7b4bb8 Merge pull request #106 from dev-sec/skip_fail 
omit empty variables
 2017-03-14 18:32:22 +01:00
Sebastian Gumprich
7f1415f339 Merge pull request #114 from dev-sec/fix_111 
install initramfs-tools
 2017-03-14 18:32:16 +01:00
Sebastian Gumprich
0ab4db4228 omit empty variables 
omit empty variables when in check-mode or when set_fact is skipped.

Fix #105
 2017-03-01 21:17:41 +01:00
Sebastian Gumprich
334e203f8b install initramfs-tools 
These are not installed by default on debian 8 but needed for module generation.

see: https://github.com/dev-sec/ansible-os-hardening/issues/111
 2017-03-01 21:17:23 +01:00
Sebastian Gumprich
a9095928ac Merge pull request #117 from dev-sec/shadow_owner 
change shadow owner in debian systems
 2017-03-01 21:15:47 +01:00
Sebastian Gumprich
1d48b0d10a change shadow owner in debian systems 2017-03-01 20:58:19 +01:00
Sebastian Gumprich
987a3331f0 Merge pull request #110 from dev-sec/docker 
use new Docker images
 2017-03-01 20:31:08 +01:00
Sebastian Gumprich
dfc505634b update min ansible version 2017-02-28 21:34:35 +01:00
Sebastian Gumprich
3af185ba8d use new docker images 2017-01-22 16:05:45 +01:00
Sebastian Gumprich
0779022a6e Merge pull request #113 from tyrken/rhel7 
Rhel7
 2017-01-20 16:42:00 +01:00
Tristan Keen
1cacbf4256 Support RHEL7 password quality and HTTP(S) proxies 
Oracle Linux -> OracleLinux in both ansible_os_family and ansible_distribution: https://github.com/ansible/ansible/pull/10789
(Note - older versions before latest 1.9 had the name including a space - but I can see PR to drop 1.9 support is in progress)

pam_pwfamily (the supposed package to install to get password complexity checking in RHEL7) doesn't seem to exist.
There is a libpwquality package that provides /usr/lib64/security/pam_pwquality.so, but that is installed by default according to a RHEL support case answer.
 2017-01-19 15:13:48 +00:00
Sebastian Gumprich
a8f8cd083a Update README.md 2017-01-09 07:24:57 +01:00
Sebastian Gumprich
1e57cb64a2 Merge pull request #104 from ypid/fix/role_description 
Don’t refer to this role as "playbook" in the role description
 2016-12-03 18:33:47 +01:00
Robin Schneider
c934a01c15
Don’t refer to this role as "playbook" in the role description 
Finishes work done by @rndmh3ro in #97

Closes: #97
 2016-12-03 11:36:11 +01:00
Sebastian Gumprich
5fc62a7f89 update changelog 2016-10-24 15:34:07 +02:00
Christoph Hartmann
6505157c62 Merge pull request #101 from dev-sec/update_pwqual 
update template
 2016-10-24 14:16:13 +02:00
Sebastian Gumprich
62a91011dd add comments to variables 2016-10-24 14:11:43 +02:00
Christoph Hartmann
fa59170f37 Merge pull request #100 from dev-sec/deprec_warn 
fix deprecation warning for undefined error. #99
 2016-10-24 10:54:08 +02:00
Sebastian Gumprich
11c81971e1 fix deprecation warning for undefined error. #99 2016-10-07 21:28:57 +02:00
Sebastian Gumprich
ef9d3d8f7f update template 2016-09-27 19:18:17 +02:00
Christoph Hartmann
ca0bd549ff Merge pull request #94 from dev-sec/pam_pwquality 
add rhel7 pam_pwquality. fix #73
 2016-09-05 18:37:23 +02:00