ansible-lockdown / RHEL9-CIS

Ansible role for Red Hat 9 CIS Baseline

https://ansible-lockdown.readthedocs.io

MIT License

113 stars 86 forks source link

Replacing secure-configuration of 'audit' and 'audit_backlog_limit' f… #161

Closed ipruteanu-sie closed 7 months ago

ipruteanu-sie commented 7 months ago

Overall Review of Changes: Grubby instead of /etc/default/grub->/boot/grub2/grub.cfg

Issue Fixes:

160

How has this been tested?: On EC2 instance, CIS is happy if grubby lists options(grubby --info=ALL | grep args) configured previously(grubby --update-kernel=ALL --args="audit_backlog_limit=8192)