Describe the Issue
There are, in my opinion, some things potentially incorrect regarding a particular subtask(Create the session profile file), part of the 1.8.4. rule block:
The elements of the loop should not be surrounded with quotes, as they'd be treated as strings(instead of hashes)
There's a typo in the 2nd list item, namely a double single quote in the end of this piece of code: 'system-db: {{ ubtu22cis_dconf_db_name }}''
Their subkey definition is not consistent, maybe due to a typo which caused also 2), respectively line attribute is missing from 2nd array element, despite being used as the value of line option of the lineinfile task.
Ansible returns an error if the file is not created, but my fix was to add create: yes to the lineinfile task.
Even after fixing 1-4, a subtle thing has to be done to correctly create session file / make CIS return a Pass: removing empty spaces in regexp/line values.
Expected Behavior
After installing gdm3 on the target system, if this rule would be implemented by the role, it'll have a Pass status on CIS assessments.
Actual Behavior
After installing gdm3 on the target system, if this rule would be implemented by the role, it returns a Fail status on CIS assessments.
Control(s) Affected
1.8.4
Environment (please complete the following information):
branch being used: [e.g. devel]
Additional Notes
Where I inspired myself from, doc-wise
Describe the Issue There are, in my opinion, some things potentially incorrect regarding a particular subtask(
Create the session profile file
), part of the 1.8.4. rule block:'system-db: {{ ubtu22cis_dconf_db_name }}''
line
attribute is missing from 2nd array element, despite being used as the value ofline
option of thelineinfile
task.create: yes
to thelineinfile
task.Pass
: removing empty spaces in regexp/line values.Expected Behavior After installing gdm3 on the target system, if this rule would be implemented by the role, it'll have a
Pass
status on CIS assessments.Actual Behavior After installing gdm3 on the target system, if this rule would be implemented by the role, it returns a
Fail
status on CIS assessments.Control(s) Affected 1.8.4
Environment (please complete the following information):
Additional Notes Where I inspired myself from, doc-wise
Possible Solution I'll add a PR.