fa2800419e
This patch migrates all of the remaining non-unique variable names in the security role to a pattern that begins with `security_*`. This will reduce potential variable collisions with other roles. This is a breaking change for deployers and users who are moving from the liberty or stable/mitaka branches to master. Release notes are included with additional details to help with the transition. Closes-Bug: 1578326 Change-Id: Ib716e81e6fed971b21dc5579ae1a871736e21189
438 B
438 B
The STIG requires that daemons have their umask set to
027 or 022. Since changing umasks can disrupt
some systems, this is an opt-in change.
Deployers that want this change applied to their systems must set the
Ansible variable security_umask_daemons_init to
027. The current default for Ubuntu 14.04 is
027 already, so deployers do not need to make any
adjustments to Ansible variables to meet the STIG requirement.