Skip to content

A lot of major enhancements. Mostly provided by Eric (ideologysec)
Compare
Choose a tag to compare
@florianutz florianutz released this 11 May 07:42
· 40 commits to master since this release
2.0.0
ed8ea1d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

A lot of major enhancements. Mostly provided by Eric (ideologysec) https://github.com/ideologysec

  • cleanup files and folders

  • audit tasks enhancements

  • some smaller bugfix

  • bugfix variables

  • update licensefile

  • update defaults

  • update gitignore

  • added missing tags to 6.2.6

  • added handler load audit rules

  • Added scored or notscored to all rule plays.

  • Added rule tags

  • Added 5.5 and 5.6 to defaults/main.yml

  • added section tags to tasks/main.yml for easy section testing

  • cleaned up tasks/post.yml for easy reading + task header standardization; removed "when == Debian" since this is only for Ubuntu systems

  • standardized order of tags (levels, scored, patch, subsystem, rule, notimplemented).

  • added cron, sshd, ntp, syslog, and maybe several other tags to various plays to allow bypassing or enabling based on subsystem (mostly section 5)

  • moved multiple plays for the same rule into a single block (block names are only supported >= Ansible 2.3). This allows for a single "when" to run the entire block, and for nicer code folding. Unfortunately, it does push the minimum requirement from 2.1 *> 2.3; I will look at block syntax without names if backwards compat that far is desired.

  • switched "restart auditd" to be a service command instead of a command; this is more Ansibley and works on both RedHat and Debian families, with both SysV init and systemd init services. This also tracks with redhatcis

  • fixed rule 4.1.6 template to conform to the Ubuntu CIS benchmark instead of the RedHat one.

  • Fixed whitespace issue 1.1.2

  • Fixed section1 and section4 whitespace and block errors.

  • Section5 whitespace fixes.

  • yamlint now passes 100% of all yml files

  • Fixed rule 4.3

  • added rule 4_3 to defaults/main.yml

  • added file touch to rule 4.3

  • Forgot to write an actual commit message.

  • Added stat check for 5.4.4

  • update handlers for docker

  • updated regex for 1.1.1.4 and 1.1.1.5

  • update for 4.3: state: touch always returns an "modified" and idempotence test will fail. bad workaround changed_when: false

Assets 2
Loading