Add missing variable defaults for 'rhel9cis_pam_faillock' #12
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Congrats on opening your first pull request and thank you for taking the time to help improve Ansible-Lockdown!
Please join in the conversation happening on the Discord Server as well.
|
hi @alewando Thank you so much for the feedback and taking the time to provide a solution. I have just double checked that config and some of it is there in error for rhel9 as this uses the /etc/security/faillock.conf configuration. The only variable we should now required are If you could align this I can merge and then add extra improvements that this has highlighted. I do expect the pipeline test to fail until rh9 is GA and we have an image to use. many thanks once again uk-bolly |
|
Feel free to join us on Discord https://discord.gg/JFxpSgPFEJ Be great to get some more discussions on this yet unreleased benchmark. Thanks uk-bolly |
|
Ah, I see now the What you are saying makes sense. I've pushed the requested update. I'll need to be more careful about the version checks! Thanks for all of your efforts! |
|
hi @alewando Thank you for confirming and the rapid turn around. I did notice the signed-off is present but its failing DCO on the GPG sign off. Good to know this works on Amazon Linux 2022, keen to find our if you come across any specific there also. best uk-bolly |
Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
…and 5.5.4 Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
|
Thanks again for the feedback and subsequent PR @alewando Thats all merged now. Cheers uk-bolly |
Some required variables in the 'rhel9cis_pam_faillock' dict were missing default values. I copied the defaults from the RHEL8-CIS playbook