Merge pull request #83 from ansible-lockdown/Feb25

uk-bolly · web-flow · commit d436101c1ca6 · 2025-02-11T14:56:44.000+01:00
Feb25_final issues
diff --git a/tasks/Cat2/RHEL-09-23xxxx.yml b/tasks/Cat2/RHEL-09-23xxxx.yml
@@ -873,8 +873,7 @@
       ansible.builtin.file:
         mode: 'u+x,go-w'
         path: "{{ item }}"
-      loop:
-        - "{{ rhel9stig_system_command_permissions.stdout_lines }}"
+      loop: "{{ rhel9stig_system_command_permissions.stdout_lines }}"
 
 - name: "MEDIUM | RHEL-09-232015 | PATCH | RHEL 9 library directories must have mode 755 or less permissive."
   when:
@@ -900,8 +899,7 @@
       ansible.builtin.file:
         mode: 'u+x,go-w'
         path: "{{ item }}"
-      loop:
-        - "{{ rhel9stig_library_directory_perms.stdout_lines }}"
+      loop: "{{ rhel9stig_library_directory_perms.stdout_lines }}"
 
 - name: "MEDIUM | RHEL-09-232020 | PATCH | RHEL 9 library files must have mode 755 or less permissive."
   when:
diff --git a/tasks/Cat2/RHEL-09-27xxxx.yml b/tasks/Cat2/RHEL-09-27xxxx.yml
@@ -49,7 +49,6 @@
     line: /org/gnome/login-screen/banner-message-enable
     create: true
     mode: 'u-x,go-wx'
-    modification_time: preserve
     state: present
   loop: "{{ rhel9stig_dconf_db.stdout_lines }}"
 
diff --git a/tasks/Cat2/RHEL-09-4xxxxx.yml b/tasks/Cat2/RHEL-09-4xxxxx.yml
@@ -226,8 +226,7 @@
       when: rhel9stig_duplicate_gids is defined or rhel9stig_gid_exists is defined
       ansible.builtin.debug:
         msg: "Warning!! Issues with primary user groups have been found Please investigate"
-      loop:
-        - "{{ rhel9stig_duplicate_gids.stdout_lines }}"
+      loop: "{{ rhel9stig_duplicate_gids.stdout_lines }}"
 
     - name: "MEDIUM | RHEL-09-411045 | WARN | All RHEL 9 interactive users must have a primary group that exists.."
       when:
diff --git a/tasks/Cat2/RHEL-09-67xxxx.yml b/tasks/Cat2/RHEL-09-67xxxx.yml
@@ -28,8 +28,7 @@
         - rhel9stig_non_fips_hashed_accounts.stdout | length > 0
         - rhel9stig_disruption_high
       ansible.builtin.shell: "passwd -l {{ item }}"
-      loop:
-        - "{{ rhel9stig_non_fips_hashed_accounts.stdout_lines }}"
+      loop: "{{ rhel9stig_non_fips_hashed_accounts.stdout_lines }}"
 
     - name: "MEDIUM | RHEL-09-671015 | AUDIT | RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | Message out user accounts"
       when:
