From d7600f1a12f655e9136c1a2bfa102b6f47e0e198 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Wed, 24 May 2017 14:50:19 -0500 Subject: [PATCH] Fix bare jinja variable pam_password_file The pam_password_variable didn't have jinja tags around it and it wasn't being handled correctly. This patch fixes the bug and makes the task name easier to read. Closes-Bug: 1693343 Change-Id: Ie469c32a71c3c0e1b381739290ffb608bb04a21c --- tasks/rhel7stig/auth.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/rhel7stig/auth.yml b/tasks/rhel7stig/auth.yml index c24b2e88..fb337323 100644 --- a/tasks/rhel7stig/auth.yml +++ b/tasks/rhel7stig/auth.yml @@ -65,9 +65,9 @@ - high - V-71937 -- name: V-71945 - If three unsuccessful logon attempts within 15 minutes occur the associated account must be locked. +- name: Lock accounts after three failed login attempts a 15 minute period blockinfile: - dest: pam_password_file + dest: "{{ pam_password_file }}" state: present marker: "# {mark} MANAGED BY OPENSTACK-ANSIBLE-SECURITY" insertbefore: EOF