f422da8599
Add support for the openSUSE Leap distributions. The security rules are similar to the RedHat and Ubuntu ones. We also replace ansible_os_family with ansible_pkg_mgr since the former does not return consistent results across different SUSE distributions especially on older Ansible versions. Change-Id: I20ffe17039bb641aad70d8123f0b7e7417a42cba
30 lines
1.1 KiB
ReStructuredText
30 lines
1.1 KiB
ReStructuredText
---
|
|
id: V-72225
|
|
status: implemented
|
|
tag: sshd
|
|
---
|
|
|
|
The tasks in the security role deploy a standard notice and consent banner into
|
|
``/etc/motd`` on each server. Ubuntu, CentOS, Red Hat Enterprise Linux,
|
|
openSUSE Leap and SUSE Linux Enterprise display this banner after each successful
|
|
login via ssh or the console.
|
|
|
|
Deployers can choose a different destination for the banner by setting the
|
|
following Ansible variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_sshd_banner_file: /etc/motd
|
|
|
|
The message is customized with the following Ansible variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_login_banner_text: |
|
|
------------------------------------------------------------------------------
|
|
* WARNING *
|
|
* You are accessing a secured system and your actions will be logged along *
|
|
* with identifying information. Disconnect immediately if you are not an *
|
|
* authorized user of this system. *
|
|
------------------------------------------------------------------------------
|