-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.yml
99 lines (99 loc) · 3.15 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
---
# defaults file for rhel9_anssi_bp28_minimal
var_authselect_profile: minimal
var_password_pam_unix_remember: '2'
var_accounts_passwords_pam_faillock_deny: '3'
var_accounts_passwords_pam_faillock_fail_interval: '900'
var_accounts_passwords_pam_faillock_unlock_time: '900'
var_password_pam_dcredit: '-1'
var_password_pam_lcredit: '-1'
var_password_pam_minlen: '18'
var_password_pam_ocredit: '-1'
var_password_pam_ucredit: '-1'
var_accounts_maximum_age_login_defs: '90'
var_accounts_password_minlen_login_defs: '18'
var_password_pam_unix_rounds: '65536'
DISA_STIG_RHEL_09_211015: true
DISA_STIG_RHEL_09_214010: true
DISA_STIG_RHEL_09_214015: true
DISA_STIG_RHEL_09_214020: true
DISA_STIG_RHEL_09_214025: true
DISA_STIG_RHEL_09_215020: true
DISA_STIG_RHEL_09_215030: true
DISA_STIG_RHEL_09_215035: true
DISA_STIG_RHEL_09_215040: true
DISA_STIG_RHEL_09_215060: true
DISA_STIG_RHEL_09_232240: true
DISA_STIG_RHEL_09_232245: true
DISA_STIG_RHEL_09_411010: true
DISA_STIG_RHEL_09_411075: true
DISA_STIG_RHEL_09_411080: true
DISA_STIG_RHEL_09_411085: true
DISA_STIG_RHEL_09_411090: true
DISA_STIG_RHEL_09_432025: true
DISA_STIG_RHEL_09_611050: true
DISA_STIG_RHEL_09_611055: true
DISA_STIG_RHEL_09_611065: true
DISA_STIG_RHEL_09_611070: true
DISA_STIG_RHEL_09_611085: true
DISA_STIG_RHEL_09_611090: true
DISA_STIG_RHEL_09_611095: true
DISA_STIG_RHEL_09_611100: true
DISA_STIG_RHEL_09_611110: true
accounts_maximum_age_login_defs: true
accounts_password_minlen_login_defs: true
accounts_password_pam_dcredit: true
accounts_password_pam_lcredit: true
accounts_password_pam_minlen: true
accounts_password_pam_ocredit: true
accounts_password_pam_ucredit: true
accounts_password_pam_unix_remember: true
accounts_password_pam_unix_rounds_password_auth: true
accounts_password_pam_unix_rounds_system_auth: true
accounts_passwords_pam_faillock_deny: true
accounts_passwords_pam_faillock_deny_root: true
accounts_passwords_pam_faillock_interval: true
accounts_passwords_pam_faillock_unlock_time: true
configure_strategy: true
dir_perms_world_writable_root_owned: true
dir_perms_world_writable_sticky_bits: true
disable_strategy: true
enable_authselect: true
enable_strategy: true
ensure_gpgcheck_globally_activated: true
ensure_gpgcheck_local_packages: true
ensure_gpgcheck_never_disabled: true
ensure_redhat_gpgkey_installed: true
high_disruption: true
high_severity: true
low_complexity: true
low_disruption: true
low_severity: true
medium_complexity: true
medium_disruption: true
medium_severity: true
no_reboot_needed: true
package_dhcp_removed: true
package_dnf_automatic_installed: true
package_rsh_removed: true
package_rsh_server_removed: true
package_sendmail_removed: true
package_talk_removed: true
package_talk_server_removed: true
package_telnet_removed: true
package_telnet_server_removed: true
package_tftp_removed: true
package_tftp_server_removed: true
package_xinetd_removed: true
package_ypbind_removed: true
package_ypserv_removed: true
patch_strategy: true
reboot_required: true
restrict_strategy: true
security_patches_up_to_date: true
set_password_hashing_algorithm_systemauth: true
skip_ansible_lint: true
sudo_remove_no_authenticate: true
sudo_remove_nopasswd: true
unknown_severity: true
unknown_strategy: true