Closed bgro closed 1 year ago
hi @bgro
Thank you for taking the time to raise this issue. This is a slightly more advanced option added to enable uids to be excluded from being logged. I am suggesting making it clearer with the following
e.g. defaults/main.yml
## Advanced option found in auditd post
## users whose actions are not logged by auditd
ubtu22cis_allow_auditd_uid_user_exclusions: false
# add a list of uids
ubtu22cis_auditd_uid_exclude:
- 1999
tasks/auditd.yml suggest conditional changes to just have
when:
- ubtu22cis_allow_auditd_uid_user_exclusions
I will raise the branch for this now for testing
many thanks
uk-bolly
branch issue#79#80 refers
thanks
uk-bolly
Thank you for the very timely treatment!
Describe the Issue There is code in the role that is only executed if the variable ubtu22cis_auditd_uid_exclude contains an iterable value. However, the variable is never set anywhere.
Expected Behavior Either add the variable (then the respective code has to be added) or remove the code (it sets up logging exceptions for users specified in ubtu22cis_auditd_uid_exclude).
Actual Behavior Code regarding per-user audit-exceptions is never executed.
Control(s) Affected In a sense all audit-related measures.
Environment (please complete the following information):
Additional Notes
Possible Solution Either add the variable (then the respective code has to be added) or remove the code (it sets up logging exceptions for users specified in ubtu22cis_auditd_uid_exclude).
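A check for the kind of defect reported in this issue, added here as an example and not code from the role or from anyone in this thread: it lists role variables that task files reference but defaults/main.yml never defines, with the task line numbers. The function name `undefined_role_vars` and the sample file contents are constructed for illustration, modelled on the snippets quoted above; it assumes variables are defined only in defaults, so names created with `register` or `set_fact` would also be reported.

```python
import re

# Constructed sample inputs modelled on the snippets in this thread
# (not the role's real file contents).
DEFAULTS_BEFORE = """\
# ubtu22cis_auditd_uid_exclude is only mentioned in this comment
ubtu22cis_example_toggle: true
"""

DEFAULTS_AFTER = DEFAULTS_BEFORE + """\
ubtu22cis_allow_auditd_uid_user_exclusions: false
ubtu22cis_auditd_uid_exclude:
  - 1999
"""

TASKS = """\
- name: "POST | AUDITD | uid exclusions (constructed)"
  ansible.builtin.debug:
    msg: "exclude uid {{ item }}"
  loop: "{{ ubtu22cis_auditd_uid_exclude }}"
  when:
    - ubtu22cis_allow_auditd_uid_user_exclusions
"""


def undefined_role_vars(defaults_text, tasks_text, prefix="ubtu22cis_"):
    """Map each prefixed variable used in tasks but absent from defaults
    to the task-file line numbers that reference it."""
    p = re.escape(prefix)
    # Only top-level keys count as definitions; commented-out lines do not.
    defined = set(re.findall(rf"^({p}\w+)\s*:", defaults_text, re.MULTILINE))
    missing = {}
    for lineno, line in enumerate(tasks_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # ignore comment lines in task files
        for name in re.findall(rf"\b{p}\w+", line):
            if name not in defined:
                missing.setdefault(name, []).append(lineno)
    return missing


if __name__ == "__main__":
    for label, defaults in (("before", DEFAULTS_BEFORE), ("after", DEFAULTS_AFTER)):
        print(label, undefined_role_vars(defaults, TASKS))
```
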