Hardening fails on Centos 7.1 at task 'remove suid/sgid bit from all binaries except in system and user whitelist'

dev-sec / ansible-collection-hardening

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

http://dev-sec.io/

Apache License 2.0

3.98k stars 727 forks source link

Hardening fails on Centos 7.1 at task 'remove suid/sgid bit from all binaries except in system and user whitelist' #72

Closed belmarca closed 8 years ago

belmarca commented 8 years ago

Related to issue #71 . After commenting out the lines causing error in the previous issue, I get the following:

TASK [hardening.os-hardening : remove suid/sgid bit from all binaries except in system and user whitelist] ***
fatal: [idp-centos]: FAILED! => {"failed": true, "msg": "ERROR! 'suid' is undefined"}

Can anyone reproduce?

rndmh3ro commented 8 years ago

This should be fixed already here: https://github.com/hardening-io/ansible-os-hardening/commit/eedd504e33815f8ab89879f3267d2c6e0f1205ae.

Please try the master branch. We'll upload a new version to ansible galaxy soon, which includes this fix.

belmarca commented 8 years ago

Ah ok. I assumed the version on Galaxy was the latest.