search

ansible-lockdown / UBUNTU22-CIS

Ansible role for Ubuntu22 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License
181 stars 80 forks source link

Wrong value in `defaults/main.yml` file for `ubtu22cis_grub_file` variable #115

Closed ipruteanu-sie closed 12 months ago

ipruteanu-sie commented 1 year ago

Describe the Issue In my opinion, after analyzing why CIS reports a failure for rule 1.4.2 Ensure permissions on bootloader config are configured, the current value set in defaults/main.yml file for variable ubtu22cis_grub_file is wrong.

I think it may ended up with this value, as this is a mix between:

Expected Behavior ubtu22cis_grub_file: /etc/grub/grub.cfg -> CIS reports rule 1.4.2 as passed

Actual Behavior ubtu22cis_grub_file: /etc/default/grub.cfg -> CIS reports rule 1.4.2 as failed

Control(s) Affected 1.4.2

Environment (please complete the following information):

Possible Solution I'll add a PR.

uk-bolly commented 12 months ago

hi @ipruteanu-sie

This issue was merged to devel a couple of weeks ago. I will close this Issue, if this does not resolve your issue please reopen.

Many thanks as always

uk-bolly