-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add missing variable defaults for 'rhel9cis_pam_faillock' #12
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Congrats on opening your first pull request and thank you for taking the time to help improve Ansible-Lockdown!
Please join in the conversation happening on the Discord Server as well.
hi @alewando Thank you so much for the feedback and taking the time to provide a solution. I have just double checked that config and some of it is there in error for rhel9 as this uses the /etc/security/faillock.conf configuration. The only variable we should now required are If you could align this I can merge and then add extra improvements that this has highlighted. I do expect the pipeline test to fail until rh9 is GA and we have an image to use. many thanks once again uk-bolly |
Feel free to join us on Discord https://discord.gg/JFxpSgPFEJ Be great to get some more discussions on this yet unreleased benchmark. Thanks uk-bolly |
Ah, I see now the
What you are saying makes sense. I've pushed the requested update. I'll need to be more careful about the version checks! Thanks for all of your efforts! |
hi @alewando Thank you for confirming and the rapid turn around. I did notice the signed-off is present but its failing DCO on the GPG sign off. Good to know this works on Amazon Linux 2022, keen to find our if you come across any specific there also. best uk-bolly |
Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
…and 5.5.4 Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
Thanks again for the feedback and subsequent PR @alewando Thats all merged now. Cheers uk-bolly |
Some required variables in the 'rhel9cis_pam_faillock' dict were missing default values. I copied the defaults from the RHEL8-CIS playbook