Skip to content

Commit 1d950a0

Browse files
committed
fix(cis_5.3.1.x): add apt lock timeout to libpam-runtime and libpam-modules
Use apt module instead of package module to support lock_timeout parameter for libpam-runtime and libpam-modules installation tasks.
1 parent e1762bb commit 1d950a0

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

tasks/section_5/cis_5.3.1.x.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,10 @@
99
- pam
1010
- rule_5.3.1.1
1111
- NIST800-53R5_NA
12-
ansible.builtin.package:
12+
ansible.builtin.apt:
1313
name: libpam-runtime
1414
state: latest
15+
lock_timeout: "{{ ubtu24cis_apt_lock_timeout }}"
1516

1617
- name: "5.3.1.2 | PATCH | Ensure libpam-modules is installed"
1718
when: ubtu24cis_rule_5_3_1_2
@@ -22,9 +23,10 @@
2223
- pam
2324
- rule_5.3.1.2
2425
- NIST800-53R5_NA
25-
ansible.builtin.package:
26+
ansible.builtin.apt:
2627
name: libpam-modules
2728
state: latest
29+
lock_timeout: "{{ ubtu24cis_apt_lock_timeout }}"
2830

2931
- name: "5.3.1.3 | PATCH | Ensure libpam-pwquality is installed"
3032
when: ubtu24cis_rule_5_3_1_3

0 commit comments

Comments
 (0)