Rename internal parameter user_list to hardening_user_list
The user_list parameter is a pure internal parameter. The user_list parameter conflicts with the parameter of one of our roles. As this is a pure internal parameter, it can simply be renamed. Change-Id: I87ddb138ba78584ba63f463ec304460c970206ad
This commit is contained in:
Christian Berendt
parent
e7398242fb
commit
d2e1d2ee56
@ -164,10 +164,10 @@
|
|||||||
debug:
|
debug:
|
||||||
msg: >
|
msg: >
|
||||||
The following users have GIDs in /etc/passwd that do not exist in /etc/group:
|
The following users have GIDs in /etc/passwd that do not exist in /etc/group:
|
||||||
{{ user_list.users | selectattr('group', 'equalto', False) | map(attribute='name') | join(', ') }}
|
{{ hardening_user_list.users | selectattr('group', 'equalto', False) | map(attribute='name') | join(', ') }}
|
||||||
when:
|
when:
|
||||||
- user_list is defined
|
- hardening_user_list is defined
|
||||||
- user_list.users | selectattr('group', 'equalto', False) | list | length > 0
|
- hardening_user_list.users | selectattr('group', 'equalto', False) | list | length > 0
|
||||||
tags:
|
tags:
|
||||||
- accounts
|
- accounts
|
||||||
- low
|
- low
|
||||||
@ -200,10 +200,10 @@
|
|||||||
debug:
|
debug:
|
||||||
msg: |
|
msg: |
|
||||||
The following users do not have a home directory assigned:
|
The following users do not have a home directory assigned:
|
||||||
{{ user_list.users | selectattr('dir', 'equalto', '') | map(attribute='name') | join(', ') }}
|
{{ hardening_user_list.users | selectattr('dir', 'equalto', '') | map(attribute='name') | join(', ') }}
|
||||||
when:
|
when:
|
||||||
- user_list is defined
|
- hardening_user_list is defined
|
||||||
- user_list.users | selectattr('dir', 'equalto', '') | map(attribute='name') | list | length > 0
|
- hardening_user_list.users | selectattr('dir', 'equalto', '') | map(attribute='name') | list | length > 0
|
||||||
tags:
|
tags:
|
||||||
- accounts
|
- accounts
|
||||||
- medium
|
- medium
|
||||||
@ -214,7 +214,7 @@
|
|||||||
path: "{{ item['dir'] }}"
|
path: "{{ item['dir'] }}"
|
||||||
when:
|
when:
|
||||||
- item['dir'] | length > 0
|
- item['dir'] | length > 0
|
||||||
with_items: "{{ user_list.users }}"
|
with_items: "{{ hardening_user_list.users }}"
|
||||||
register: home_directory_checks
|
register: home_directory_checks
|
||||||
tags:
|
tags:
|
||||||
- accounts
|
- accounts
|
||||||
|
|||||||
@ -102,7 +102,7 @@
|
|||||||
- item.uid >= 1000
|
- item.uid >= 1000
|
||||||
- item.name != 'nobody'
|
- item.name != 'nobody'
|
||||||
- security_set_home_directory_permissions_and_owners | bool
|
- security_set_home_directory_permissions_and_owners | bool
|
||||||
with_items: "{{ user_list.users | selectattr('uid', 'greaterthan', 999) | list }}"
|
with_items: "{{ hardening_user_list.users | selectattr('uid', 'greaterthan', 999) | list }}"
|
||||||
tags:
|
tags:
|
||||||
- medium
|
- medium
|
||||||
- file_perms
|
- file_perms
|
||||||
|
|||||||
@ -40,7 +40,7 @@
|
|||||||
- name: Get user data for all users on the system
|
- name: Get user data for all users on the system
|
||||||
get_users:
|
get_users:
|
||||||
min_uid: 0
|
min_uid: 0
|
||||||
register: user_list
|
register: hardening_user_list
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user