* Include Debian 11 into Molecule test suites (#527)
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* Fix Ansible Lint GitHub Action version (#527)
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* Update .gitignore
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* mysql_hardening: Use Python 3 as Ansible interpreter (#527)
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* Note Debian 11 support for os_hardening & nginx_hardening (#527)
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* Fix lint issues & Ansible Lint configuration in CI
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* Try to fix YAML lint issues, again
Re-ordered YAML comments at the end of `.yamllint` file.
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
* rm debian9 from tests, add debian 11 where missing
Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
* fix mysql molecule tests
Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
Signed-off-by: Daya Adianto <dayaadianto@cs.ui.ac.id>
Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
Co-authored-by: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
Co-authored-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
* add rocky linux 8 tests and make sure that all relevant tasks are executed
Signed-off-by: rndmh3ro <github@gumpri.ch>
* fix missing quote
Signed-off-by: rndmh3ro <github@gumpri.ch>
* add a runtime.yml to declare minimum ansible version
Signed-off-by: Sebastian Gumprich <github@gumpri.ch>
* add minimum ansible version to reamde
Signed-off-by: Sebastian Gumprich <github@gumpri.ch>
* Prettified Code!
* Add kernel parameter information to README
Add initial documentation around configuring audit=1 to reduce the inaccuracies in the auditd logs.
Closes https://github.com/dev-sec/ansible-os-hardening/issues/253
Signed-off-by: Jared Ledvina <jared@techsmix.net>
* Cleanup spellinng
Signed-off-by: Jared Ledvina <jared@techsmix.net>
* Make max_log_file_action for auditd configurable
This commit allows to configure the max_log_file_action auf auditd to
avoid filling small /var/log partitions for systems that create many
audit log entries. Or run for a long period of time.
Signed-off-by: Jan Dittberner <jan.dittberner@t-systems.com>
* Add os_auditd_max_log_file_action to README
Signed-off-by: Jan Dittberner <jan.dittberner@t-systems.com>
check for modprobe
use apt and yum instead of package
Revert "use apt and yum instead of package"
This reverts commit 215a97b1867a7a8af5e0e64e9f77181d4c4a5050.
use latest to install kmod
run apt-get update
