Tree - rpms/scap-security-guide

rpms / scap-security-guide

Files

Commit: 889f2b583f8e6c5f14571e0d693652afe8844c45
Blob Blame History Raw
From a9660f01ecd85240df9460f141387dd2874eba82 Mon Sep 17 00:00:00 2001
From: Marcus Burghardt <marcus@mbsec.com.br>
Date: Fri, 9 Jul 2021 16:15:28 +0200
Subject: [PATCH] Bug 1857179 - Improved ansible fix for banner files. Replace
 files only when necessary.

---
 .../banner_etc_issue/ansible/shared.yml              | 12 +++---------
 .../banner_etc_motd/ansible/shared.yml               | 12 +++---------
 2 files changed, 6 insertions(+), 18 deletions(-)

diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
index ff6b6eab42b..4f6d64fd7ac 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
@@ -5,13 +5,7 @@
 # disruption = medium
 {{{ ansible_instantiate_variables("login_banner_text") }}}
 
-- name: "{{{ rule_title }}} - remove incorrect banner"
-  file:
-    state: absent
-    path: /etc/issue
-
-- name: "{{{ rule_title }}} - add correct banner"
-  lineinfile:
+- name: "{{{ rule_title }}} - ensure correct banner"
+  copy:
     dest: /etc/issue
-    line: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
-    create: yes
+    content: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
index 15eb3cc1cbd..2c645889336 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
@@ -5,13 +5,7 @@
 # disruption = medium
 {{{ ansible_instantiate_variables("login_banner_text") }}}
 
-- name: "{{{ rule_title }}} - remove incorrect banner"
-  file:
-    state: absent
-    path: /etc/motd
-
-- name: "{{{ rule_title }}} - add correct banner"
-  lineinfile:
+- name: "{{{ rule_title }}} - ensure correct banner"
+  copy:
     dest: /etc/motd
-    line: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
-    create: yes
+    content: '{{{ ansible_deregexify_banner_etc_issue("login_banner_text") }}}'
rpms / scap-security-guide

Source Code

Files
