mirror of
https://github.com/dev-sec/ansible-collection-hardening
synced 2024-09-20 21:21:54 +00:00
19 lines
497 B
YAML
19 lines
497 B
YAML
---
|
|
|
|
- name: create limits.d-directory if it does not exist | sysctl-31a, sysctl-31b
|
|
file:
|
|
path: '/etc/security/limits.d'
|
|
owner: 'root'
|
|
group: 'root'
|
|
mode: '0755'
|
|
state: 'directory'
|
|
when: 'os_security_kernel_enable_core_dump'
|
|
|
|
- name: create sane limits.conf | sysctl-31a, sysctl-31b
|
|
template:
|
|
src: 'limits.conf.j2'
|
|
dest: '/etc/security/limits.d/10.hardcore.conf'
|
|
owner: 'root'
|
|
group: 'root'
|
|
mode: '0440'
|
|
when: 'os_security_kernel_enable_core_dump'
|