fix: 🐛 handle 'all' in outbound ports loop in rule rule_4.1.5 and apt/dpkg lock

[tmeckel]

Please ensure that you have understood contributing guide
Ensure all commits are signed-by and gpg signed

Overall Review of Changes:

• Changed tasks/section_4/cis_4.1.x.yml so the loop in the 4.1.5 "Custom ports" task uses an empty list when ubtu22cis_ufw_allow_out_ports == 'all', instead of looping over the raw value.
• Added a configurable ubtu22cis_apt_lock_timeout (default 180s) and applied it to the CIS 5.3.1 package installs to wait for apt/dpkg locks instead of failing.

Issue Fixes:
Closes: #328
Closes: #330

Enhancements:
N/A

How has this been tested?:
Local image builder

[uk-bolly]

hi @tmeckel

Thank you for the PR, unfortunately they are not passing DCO. While the commits are GPG signed they are not signed-off-by.
If you could possibly sign off all the commits we can review the PR.

Many thanks

uk-bolly

[tmeckel]

hi @tmeckel

Thank you for the PR, unfortunately they are not passing DCO. While the commits are GPG signed they are not signed-off-by. If you could possibly sign off all the commits we can review the PR.

Many thanks

uk-bolly

@uk-bolly THX for the hint. Just still working on the UBUNTU24-CIS version of the PR ansible-lockdown/UBUNTU24-CIS#137. When I have both in sync I'll sign off all the commits again. I'll keep you posted 👍🏼

[uk-bolly]

hi @tmeckel

Thank you but we seem to still have an issue with the DCO for your commits.
Also the change for apt 5.3.1 you dont need to change the module, the package module can do exactly that and using the apt module under the hood. We prefer to use the generic one that utilises the discovered package rather than fix it.

Kindest regards

uk-bolly