Describe the Issue
In order to define the configuration for the ssh - Server, either AllowedUsers or DeniedUsers should be passed. However, when only specifying the ubtu22cis_sshd.allow_users variable and ignoring ubtu22cis_sshd.deny_users, the script fails.
Describe the Issue In order to define the configuration for the ssh - Server, either
AllowedUsers
orDeniedUsers
should be passed. However, when only specifying theubtu22cis_sshd.allow_users
variable and ignoringubtu22cis_sshd.deny_users
, the script fails.In Tag Version 1.1.0, this was possible, however in version 1.2.0, the line
|default('')
which would return an empty string if thedeny_users
is unset was removed. See: https://github.com/ansible-lockdown/UBUNTU22-CIS/blob/devel/tasks/section_5/cis_5.2.x.yml#L99Expected Behavior Do not fail if the variable
ubtu22cis_sshd.deny_users
is unset.Actual Behavior Fails if
ubtu22cis_sshd.deny_users
is unset.Control(s) Affected What controls are being affected by the issue
Environment (please complete the following information):
Additional Notes Anything additional goes here
Possible Solution Return an empty string if the denied_hosts is not set: