Control 1.6.1.3 mandates to Ensure all AppArmor Profiles are in enforce or complain mode.
However, the corresponding task only allows the role to set every profile to enforce mode --
the existing toggle in defaults/main.yml disables the tasks rather than switching between
enforce and complain mode.
Issue Fixes:
93
Enhancements:
n/a
How has this been tested?:
Tested locally.
Overall Review of Changes:
Control 1.6.1.3 mandates to
Ensure all AppArmor Profiles are in enforce or complain mode. However, the corresponding task only allows the role to set every profile toenforcemode -- the existing toggle indefaults/main.ymldisables the tasks rather than switching betweenenforceandcomplainmode.Issue Fixes:
93
Enhancements: n/a How has this been tested?: Tested locally.