Commit graph

1996 commits

Author SHA1 Message Date
dev-sec CI
45d6a17c08 update changelog 2023-06-12 12:22:09 +00:00
Nejc Habjan
dd215ba310
feat: explicitly support Fedora 37 and 38 (#682)
Signed-off-by: Nejc Habjan <nejc.habjan@siemens.com>
2023-06-12 14:18:32 +02:00
dev-sec CI
1fb9988fd7 update changelog 2023-06-10 06:07:05 +00:00
Sebastian Gumprich
f56d80b5d8
Replace ssh_keys group in Fedora with root (#677)
* Replace ssh_keys group in Fedora with root

In Fedora 38, the `ssh_keys` group was removed. root is used now, in accordance with upstream.

See: https://www.spinics.net/lists/fedora-devel/msg307707.html
See: https://src.fedoraproject.org/rpms/openssh/pull-request/37#

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* change host key mode and owner in fedora and rhel9

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* add missing host mode for rhel7

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* harden all ssh host keys

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* skip linting rule

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* correct grp for bsd is wheel

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

---------

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
2023-06-10 08:04:04 +02:00
dev-sec CI
0e173b4165 update changelog 2023-05-26 12:13:00 +00:00
Sebastian Gumprich
7e6a715692
setting gets ignored (#680)
see: https://github.com/authselect/authselect/issues/223

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
2023-05-26 14:10:49 +02:00
dev-sec CI
9c86dae383 update changelog 2023-05-23 09:22:51 +00:00
junicast
f3337f33b3
Add oddjob mkhomedir option rhel pam (#675)
* added support for oddjob mkhomedir via optional var

* optimized conditional

* added variable description

Signed-off-by: Jochen Demmer <jochen.demmer@noris.de>

* added support for oddjob mkhomedir via optional var

Signed-off-by: Jochen Demmer <jochen.demmer@noris.de>

* optimized conditional

Signed-off-by: Jochen Demmer <jochen.demmer@noris.de>

* added variable description

Signed-off-by: Jochen Demmer <jochen.demmer@noris.de>

---------

Signed-off-by: Jochen Demmer <jochen.demmer@noris.de>
Co-authored-by: Jochen Demmer <jochen.demmer@noris.de>
2023-05-23 11:19:40 +02:00
dev-sec CI
c597eb97b2 update changelog 2023-05-22 13:56:42 +00:00
Andreas Wagner
d7bda7ca3a
expand on check conditions for non-file locations of logs (#674)
Co-authored-by: whysthatso <git@whysthatso.net>
2023-05-22 15:53:33 +02:00
dev-sec CI
037919e67a update changelog 2023-04-28 12:08:48 +00:00
schurzi
ed5aefad3e
Merge pull request #667 from dev-sec/molecule_update
use new molecule-plugins
2023-04-28 14:05:46 +02:00
Martin Schurz
e5b8df07e2 use new molecule-plugins
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-28 13:48:45 +02:00
dev-sec CI
808cc6d78a update changelog 2023-04-17 07:51:08 +00:00
schurzi
1cce7bca9a
Merge pull request #662 from dev-sec/codespell
add spellchecking with codespell
2023-04-17 09:47:53 +02:00
Martin Schurz
74c76b8240 correct workflow name and use main version
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-16 22:57:44 +02:00
Martin Schurz
cd56c017ba add parameter for skipped words
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-16 22:54:43 +02:00
Martin Schurz
93ddd4b45e use shared workflow
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-16 22:49:53 +02:00
Martin Schurz
7259d6b5fd fix spelling errors
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-14 23:51:53 +02:00
Martin Schurz
edcada16e4 add spellchecking with codespell
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-14 23:34:05 +02:00
dev-sec CI
7e31002555 update galaxy.yml with new version 2023-04-13 08:40:54 +00:00
dev-sec CI
8816969278 update changelog 2023-04-12 22:51:41 +00:00
schurzi
7e6e43e0a5
Merge pull request #657 from dev-sec/min_ansible_ver 2023-04-13 00:48:29 +02:00
dev-sec CI
b79eb83d4f update changelog 2023-04-12 20:24:10 +00:00
Martin Schurz
eb47f4dce0 Merge branch 'master' into min_ansible_ver 2023-04-12 22:22:36 +02:00
schurzi
4a21ec0234
Merge pull request #656 from dev-sec/update_Tests
Update test environment
2023-04-12 22:21:49 +02:00
Martin Schurz
bb47300798 remove unnecessary collection include
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-12 20:27:35 +02:00
Martin Schurz
de0439ed58 remove unnecessary collection include
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-12 20:22:22 +02:00
Martin Schurz
6e48f686a9 add fedora to testing
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-12 20:21:27 +02:00
Martin Schurz
0014a3be36 update metadata
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-12 20:18:29 +02:00
Martin Schurz
a186760b45 exclude broken tests
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-11 09:51:05 +02:00
Martin Schurz
a5a065f880 shorten text
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-11 07:49:38 +02:00
Martin Schurz
bc9795c215 add noqa for linter
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-11 07:37:07 +02:00
Martin Schurz
f02f8b9a90 add procps for Debian
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-11 07:20:44 +02:00
Martin Schurz
5cc7b8dee3 add waivers for os_hardening
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-11 07:17:29 +02:00
Martin Schurz
ea922f6dca fix lint error
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 23:49:52 +02:00
Martin Schurz
e43f180112 update waiver path
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 23:48:52 +02:00
Martin Schurz
001900ac35 require ansible.builtin.user to be at least 2.11 since options are needed
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 23:42:27 +02:00
Martin Schurz
31c9885610 use docker for inspec-auditor
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 23:22:41 +02:00
Martin Schurz
4a9d6033eb try docker for inspec-auditor
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 23:04:46 +02:00
Martin Schurz
ebab98930c try docker for inspec-auditor
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 22:58:28 +02:00
Martin Schurz
5357f9e718 use current version of amazon linux
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 22:23:48 +02:00
Martin Schurz
dd5ad568b3 fix deprecation warnings
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 20:36:03 +02:00
Martin Schurz
63dc9d3be8 use current amazon linux
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 19:44:01 +02:00
Martin Schurz
7b69c4bd47 add collection link
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 11:21:12 +02:00
Martin Schurz
e4ecfe2084 add collection to verify
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 11:03:33 +02:00
Martin Schurz
e346c2300f remove unnecessary symlink
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 11:02:33 +02:00
Martin Schurz
2de009e3b5 use latest runner version
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-04-10 10:28:11 +02:00
dev-sec CI
604c6999ad update changelog 2023-03-31 08:14:01 +00:00
schurzi
29f8a2fb78
add testing for OpenBSD and FreeBSD (#642)
* add testing for OpenBSD and FreeBSD

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* make python work

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* remove jinja template ...

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* make verify work

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct verify

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct verify

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct verify

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct verify

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use right vm name for connect

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* add a bit of documentation

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* remove sudo

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* add weird OpenBSD workaround

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* make verify playbook more consistent

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* rename nonlinux to BSD

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use openbsd7 for testing

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct use openbsd7 everywhere

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* add waivers

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* update waiver descriptions

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use docker for inspec

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* keep looking right ;)

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* correct path to waivers

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use ephemeral directory in docker

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use bsd inspec profile

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* remove openbsd workaround

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* re-add openbsd workaround

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* commit suggestions

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* add supported OS to metadata

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

* use current python

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

---------

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
2023-03-31 09:50:04 +02:00