openstack/ansible-hardening
Code Issues Proposed changes

Fix bare jinja variable pam_password_file

Browse Source 
The pam_password_variable didn't have jinja tags around it and it
wasn't being handled correctly. This patch fixes the bug and makes
the task name easier to read.

Closes-Bug: 1693343
Change-Id: Ie469c32a71c3c0e1b381739290ffb608bb04a21c
This commit is contained in:
Major Hayden 2017-05-24 14:50:19 -05:00
parent e416859438
commit d7600f1a12
No known key found for this signature in database
GPG Key ID: 737051E0C1011FB1
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tasks/rhel7stig/auth.yml
View File

@ -65,9 +65,9 @@
- high
- V-71937
- name: V-71945 - If three unsuccessful logon attempts within 15 minutes occur the associated account must be locked.
- name: Lock accounts after three failed login attempts a 15 minute period
blockinfile:
dest: pam_password_file
dest: "{{ pam_password_file }}"
state: present
marker: "# {mark} MANAGED BY OPENSTACK-ANSIBLE-SECURITY"
insertbefore: EOF