Variables not used at all within role

[ipruteanu-sie]

Question These vars in 'defaults/main.yml' file are not used within role:

• [x] rhel9cis_allow_autofs: false (NOTE: Setting to 'false' this variable will disable the automounting service(autofs), used for automatically mounting the filesystem and remote-shares.)

  • for example, in ubuntu22 role it was used in templates/ansible_vars_goss.yml.j2
  • and afterwards in tasks/section_1/cis_1.1.9.yml || cis_1.1.x.yml

• [x] rhel9cis_rh_sub_user & rhel9cis_rh_sub_password(NOTE: Providing the username and password for "Red Hat Subscription Manager" connection.)

  • in RHEL8, they were used for configuring the RH Subscription Manager

• [x] rhel9cis_rhnsd_required(_NOTE: If var "rhel7cis_rhnsdrequired" would be set to false, the rhnsd daemon, which periodically connects to Red Hat Network Satellite to check for updates and notifications, will be stopped.)

  • in RHEL7, it was used in tasks/section_1/cis_1.2.x.yml

• [x] rhel9cis_bootloader_password()

  • Such a variable seem to be used in:
    • other *-CIS-Audit repos, in 'vars/CIS.yml' file
    • other *-CIS repos, in 'templates/ansible_vars_goss.yml.j2' files for loading the hashed password:

          # 1.5.1 Bootloader password
          ubtu22cis_bootloader_password: {{ ubtu22cis_bootloader_password_hash }}

      but in current repository NO other reference exists for it.

• [x] cis_firewalld_ports (not used and documented as an example in RHEL9 & AL2023 )

  # These settings are added to demonstrate how this update can be done (eventually will require a new control)
  rhel9cis_firewalld_ports:
  - number: 80
    protocol: tcp

• [x] rhel9cis_passwd_label - 6.2.10(Ensure local interactive user home directories exist):

  • Used in rhel8 as a label for loop_control, when iterating over passwd lines.
  • (Not used in rhel9, despite defined): rule 6.2.10 uses only {{ item.id }} as a label for loop_control.

Please let me know about your thoughts on this variable definition without actual usage.

[uk-bolly]

hi @ipruteanu-sie

Thank you for taking the time and providing the feedback for this issue. I can agree, some of the values do need validated. More than happy to remove unused variables that are no longer valid. Will looking to add this into an upcoming PR and release.

Many thanks

uk-bolly

[uk-bolly]

hi @ipruteanu-sie

This Issue has been merged to devel and into main branch. I will therefore close this issue. Please feel free to reopen if you feel its not as expected.

Many thanks again for your time

uk-bolly