issues
search
ansible-lockdown
/
RHEL7-CIS
Ansible role for Red Hat 7 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License
473
stars
303
forks
source link
Cis 3.1.1
#252
Closed
uk-bolly
closed
3 years ago
uk-bolly
commented
3 years ago
Update CIS Benchmark to 3.1.1
rhel7cis_allow_reboot is now an option to reboot at the end of remediation - default false
linting - including command replaced with shell
section 1
1.1 rewritten to providing better auditing and output
1.3 sudo no longer required move to section 5
1.4.1 bootloader password reworked
other groups changes increased tests
more controls for GDM
section 2
reorder of server services
rsyncd masked
2.5 - 2.4
section 3
some controls now L2
tidy of some rules
3.1 disable ipv6 now via grub - No longer sysctl
section 4
tidy up
section 5
sudo moved from 1.3 to 5.2
Other controls changed numbers
ssh kex, mac and ciphers updates
section 6
many control orders changed
6.2.11 create missing home dirs rewritten
Update CIS Benchmark to 3.1.1