rpms/scap-security-guide
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c228ce9aaf
scap-security-guide/SOURCES/scap-security-guide-0.1.58-fix_ansible_banner_remediation-PR_7228.patch
CentOS Sources 01490d5abd import scap-security-guide-0.1.57-3.el8
2021-09-10 04:19:00 +00:00

54 lines
2.3 KiB
Diff
Raw Blame History

From a9660f01ecd85240df9460f141387dd2874eba82 Mon Sep 17 00:00:00 2001
From: Marcus Burghardt <marcus@mbsec.com.br>
Date: Fri, 9 Jul 2021 16:15:28 +0200
Subject: [PATCH] Bug 1857179 - Improved ansible fix for banner files. Replace
files only when necessary.
---
.../banner_etc_issue/ansible/shared.yml | 12 +++---------
.../banner_etc_motd/ansible/shared.yml | 12 +++---------
2 files changed, 6 insertions(+), 18 deletions(-)
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
index ff6b6eab42b..4f6d64fd7ac 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
@@ -5,13 +5,7 @@
# disruption = medium
{{{ ansible_instantiate_variables("login_banner_text") }}}
-- name: "{{{ rule_title }}} - remove incorrect banner"
- file:
- state: absent
- path: /etc/issue
-
-- name: "{{{ rule_title }}} - add correct banner"
- lineinfile:
+- name: "{{{ rule_title }}} - ensure correct banner"
+ copy:
dest: /etc/issue
- line: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
- create: yes
+ content: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
index 15eb3cc1cbd..2c645889336 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
@@ -5,13 +5,7 @@
# disruption = medium
{{{ ansible_instantiate_variables("login_banner_text") }}}
-- name: "{{{ rule_title }}} - remove incorrect banner"
- file:
- state: absent
- path: /etc/motd
-
-- name: "{{{ rule_title }}} - add correct banner"
- lineinfile:
+- name: "{{{ rule_title }}} - ensure correct banner"
+ copy:
dest: /etc/motd
- line: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
- create: yes
+ content: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
Reference in New Issue View Git Blame Copy Permalink