os_security_kernel_enable_sysrq is not implemented

[techraf]

Despite README.md claiming otherwise, the os_security_kernel_enable_sysrq setting (corresponding to "sysctl-30: Kernel Parameter kernel.sysrq value should eq 0" from linux-baseline) is not implemented in this Ansible role at all.

^{taking a look if I can fix it}

[rndmh3ro]

Yes there are actually more sysctl-settings missing. We forgot to add them back when we changed where the sysctl-vars are defined. It happened here: 8747be1, our testing was not good then.

If you want, you can fix this. It should just be a matter of adding all parameters according to linux-baseline in defaults/main.yml in the sysctl_config: block.

You'll have to test locally with vagrant though, because in docker setting sysctl-settings does not work.

[techraf]

Do you want to maintain Ansible 1.9 compatibility?

Because with 2.x we could nicely combine dictionaries and allow defining only the delta settings instead of forcing user to define the whole sysctl_config.

1.9 is already three releases behind.

[rndmh3ro]

As for 1.9 support, see this thread: #110
In short: No.

For combining, I guess you mean the combine filter. Yes, that's a good idea.
Do you want to create a PR?

[techraf]

Yes and yes.

I am going to review the whole playbook anyway, so will gladly contribute.

[rndmh3ro]

Hey @techraf, I went ahead and created a PR to overwrite single sysctl-settings. Would you mind taking a look? #120

[rndmh3ro]

Closed by #120