search

ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/
Other
2.13k stars 676 forks source link

Playbook stops at TASK [Ensure NetworkManager is installed] #12031

Open PiRomant opened 1 month ago

PiRomant commented 1 month ago

Description of problem:

Ansible Playbook for CIS Ubuntu 22.04 Level 1 Server Benchmark stops at TASK [Ensure NetworkManager is installed]

SCAP Security Guide Version:

Profile ID: xccdf_org.ssgproject.content_profile_cis_level1_server Benchmark ID: xccdf_org.ssgproject.content_benchmark_UBUNTU_22-04 Benchmark Version: 0.1.73 XCCDF Version: 1.2

Operating System Version:

Ubuntu 22.04.4 LTS

Steps to Reproduce:

Use ansible playbook ubuntu2204-playbook-cis_level1_server.yml

Actual Results:

TASK [Ensure NetworkManager is installed] ********************************************************
failed: [192.168.0.1] (item=NetworkManager) => {"ansible_loop_var": "item", "changed": false, "item": "NetworkManager", "msg": "No package matching 'NetworkManager' is available"}

PLAY RECAP ***************************************************************************************
192.168.0.1           : ok=228  changed=69   unreachable=0    failed=1    skipped=32   rescued=0    ignored=0

Additional Information/Debugging Steps:

ansible-playbook [core 2.14.14]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /bin/ansible-playbook
  python version = 3.9.18 (main, Jan 24 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
ggbecker commented 1 month ago

This file needs to be changed: https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/ansible/shared.yml#L35

It has NetworkManager hardcoded and maybe for Ubuntu the name of the package is different

PiRomant commented 1 month ago

Or shouldn't use network-manager at all. https://github.com/ComplianceAsCode/content/issues/11904