Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Mark Bolwell <[email protected]>
Showing 7 changed files with 76 additions and 67 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,13 @@ | ||
--- | ||
|
||
- name: "SECTION | 2.1 | xinetd" | ||
include: cis_2.1.1.yml | ||
include_tasks: cis_2.1.1.yml | ||
|
||
- name: "SECTION | 2.2.1 | Time Synchronization" | ||
include: cis_2.2.1.x.yml | ||
include_tasks: cis_2.2.1.x.yml | ||
|
||
- name: "SECTION | 2.2 | Special Purpose Services" | ||
include: cis_2.2.x.yml | ||
include_tasks: cis_2.2.x.yml | ||
|
||
- name: "SECTION | 2.3 | Service Clients" | ||
include: cis_2.3.x.yml | ||
include_tasks: cis_2.3.x.yml |
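Review bot: None of the four include_tasks entries in this file (2.1, 2.2.1, 2.2, 2.3) carries tags, and a dynamic include is itself skipped on a run limited with --tags that it does not match, so the tagged controls inside cis_2.1.1.yml through cis_2.3.x.yml would never be loaded on a tag-limited run. If per-control tag runs are supported for this role, either tag these includes (for example with "always") or use import_tasks here, as the conditional entries elsewhere in this commit do.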
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,41 +1,41 @@ | ||
--- | ||
|
||
- name: "SECTION | 3.1.x | Packet and IP redirection" | ||
include: cis_3.1.x.yml | ||
include_tasks: cis_3.1.x.yml | ||
|
||
- name: "SECTION | 3.2.x | Network Parameters (Host Only)" | ||
include: cis_3.2.x.yml | ||
include_tasks: cis_3.2.x.yml | ||
|
||
- name: "SECTION | 3.3.x | Uncommon Network Protocols" | ||
include: cis_3.3.x.yml | ||
include_tasks: cis_3.3.x.yml | ||
|
||
- name: "SECTION | 3.4.1.x | firewall defined" | ||
include: cis_3.4.1.1.yml | ||
include_tasks: cis_3.4.1.1.yml | ||
|
||
- name: "SECTION | 3.4.2.x | firewalld firewall" | ||
include: cis_3.4.2.x.yml | ||
import_tasks: cis_3.4.2.x.yml | ||
when: | ||
- rhel8cis_firewall == "firewalld" | ||
|
||
- name: "SECTION | 3.4.3.x | Configure nftables firewall" | ||
include: cis_3.4.3.x.yml | ||
import_tasks: cis_3.4.3.x.yml | ||
when: | ||
- rhel8cis_firewall == "nftables" | ||
|
||
- name: "SECTION | 3.4.4.1.x | Configure iptables IPv4" | ||
include: cis_3.4.4.1.x.yml | ||
import_tasks: cis_3.4.4.1.x.yml | ||
when: | ||
- rhel8cis_firewall == "iptables" | ||
|
||
- name: "SECTION | 3.4.4.2.x | Configure iptables IPv6" | ||
include: cis_3.4.4.2.x.yml | ||
import_tasks: cis_3.4.4.2.x.yml | ||
when: | ||
- ( rhel8cis_firewall == "iptables" and rhel8cis_ipv6_required ) | ||
|
||
- name: "SECTION | 3.5 | Configure wireless" | ||
include: cis_3.5.yml | ||
include_tasks: cis_3.5.yml | ||
|
||
- name: "SECTION | 3.5 | disable IPv6" | ||
include: cis_3.5.yml | ||
import_tasks: cis_3.5.yml | ||
when: | ||
- not rhel8cis_ipv6_required | ||
- not rhel8cis_ipv6_required |
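Review bot: The last two entries, "3.5 | Configure wireless" and "3.5 | disable IPv6", both load cis_3.5.yml, the first unconditionally via include_tasks and the second via import_tasks under "not rhel8cis_ipv6_required", so the file always runs, runs a second time when IPv6 is not required, and the IPv6 condition gates nothing on its own. One of the two entries presumably should point at a different task file; while these lines are being converted, please correct the filename or drop the duplicate entry.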
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,23 @@ | ||
--- | ||
|
||
- name: "SECTION | 4.1| Configure System Accounting (auditd)" | ||
include: cis_4.1.1.x.yml | ||
include_tasks: cis_4.1.1.x.yml | ||
|
||
- name: "SECTION | 4.1.2.x| Configure Data Retention" | ||
include: cis_4.1.2.x.yml | ||
include_tasks: cis_4.1.2.x.yml | ||
|
||
- name: "SECTION | 4.1.x| Auditd rules" | ||
include: cis_4.1.x.yml | ||
include_tasks: cis_4.1.x.yml | ||
|
||
- name: "SECTION | 4.2.x| Configure Logging" | ||
include: cis_4.2.1.x.yml | ||
import_tasks: cis_4.2.1.x.yml | ||
when: rhel8cis_syslog == 'rsyslog' | ||
|
||
- name: "SECTION | 4.2.2.x| Configure journald" | ||
include: cis_4.2.2.x.yml | ||
include_tasks: cis_4.2.2.x.yml | ||
|
||
- name: "SECTION | 4.2.3 | Configure logile perms" | ||
include: cis_4.2.3.yml | ||
include_tasks: cis_4.2.3.yml | ||
|
||
- name: "SECTION | 4.3 | Configure logrotate" | ||
include: cis_4.3.yml | ||
include_tasks: cis_4.3.yml |
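Review bot: The entry named "SECTION | 4.2.x| Configure Logging" loads cis_4.2.1.x.yml and is gated on rhel8cis_syslog == 'rsyslog', so the name is broader than what it runs; naming it for 4.2.1.x and rsyslog would make skipped-task output easier to read when auditing a run. Since these lines are being touched anyway, the "logile perms" typo in the 4.2.3 name and the missing space before "|" in the 4.1.x and 4.2.x names could be fixed in the same change.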
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,27 @@ | ||
--- | ||
|
||
- name: "SECTION | 5.1 | Configure time-based job schedulers" | ||
include: cis_5.1.x.yml | ||
include_tasks: cis_5.1.x.yml | ||
|
||
- name: "SECTION | 5.2 | Configure SSH Server" | ||
include: cis_5.2.x.yml | ||
include_tasks: cis_5.2.x.yml | ||
|
||
- name: "SECTION | 5.3 | Configure Profiles" | ||
include: cis_5.3.x.yml | ||
import_tasks: cis_5.3.x.yml | ||
when: | ||
- rhel8cis_use_authconfig | ||
|
||
- name: "SECTION | 5.4 | Configure PAM " | ||
include: cis_5.4.x.yml | ||
include_tasks: cis_5.4.x.yml | ||
|
||
- name: "SECTION | 5.5.1.x | Passwords and Accounts" | ||
include: cis_5.5.1.x.yml | ||
include_tasks: cis_5.5.1.x.yml | ||
|
||
- name: "SECTION | 5.5.x | System Accounts and User Settings" | ||
include: cis_5.5.x.yml | ||
include_tasks: cis_5.5.x.yml | ||
|
||
- name: "SECTION | 5.6 | Root Login" | ||
include: cis_5.6.yml | ||
include_tasks: cis_5.6.yml | ||
|
||
- name: Section | 5.7 | su Command Restriction | ||
include: cis_5.7.yml | ||
include_tasks: cis_5.7.yml |
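Review bot: The 5.3 entry is the only one in this file converted to import_tasks, and the commit message (a Signed-off-by line only) does not say why conditional entries go static while the rest go dynamic. With import_tasks the condition rhel8cis_use_authconfig is attached to and evaluated for every task in cis_5.3.x.yml rather than once for the file, and tags are inherited by imported tasks but not by included ones, so the two kinds of entry will behave differently under --tags and --list-tasks. Please state the rule being followed in the commit message or in a comment at the top of the file.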
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
--- | ||
|
||
- name: "SECTION | 6.1 | System File Permissions" | ||
include: cis_6.1.x.yml | ||
include_tasks: cis_6.1.x.yml | ||
|
||
- name: "SECTION | 6.2 | User and Group Settings" | ||
include: cis_6.2.x.yml | ||
include_tasks: cis_6.2.x.yml |
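Review bot: Both entries become include_tasks, which is loaded only when the play reaches it, so a YAML error in, or a missing, cis_6.1.x.yml or cis_6.2.x.yml is not caught by --syntax-check and instead fails mid-run after the earlier sections have already changed the host. Consider import_tasks for these unconditional entries, or add a CI step that parses every cis_*.yml task file directly.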