add ansible remediation

linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/ansible/shared.yml

@@ -0,0 +1,31 @@
+# platform = Oracle Linux 7,Oracle Linux 8,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Virtualization 4,WRLinux 1019
+# reboot = false
+# complexity = low
+# strategy = configure
+# disruption = low
+
+{{{ ansible_instantiate_variables("tftpd_secure_directory") }}}
+
+- name: "Find out if the file exists and contains the line configuring server arguments"
+  find:
+    path: "/etc/xinetd.d"
+    patterns: "tftp"
+    contains: '^[\s]+server_args.*$'
+  register: tftpd_secure_config_line
+
+- name: "Ensure that TFTP server is configured to start with secure directory"
+  lineinfile:
+    path: "/etc/xinetd.d/tftp"
+    regexp: '^[\s]*(server_args[\s]+=[\s]+.*?)(-s[\s]+[/\.\w]+)*(.*)$'
+    line: '\1 -s {{ tftpd_secure_directory }} \3'
+    state: present
+    backrefs: true
+  when: tftpd_secure_config_line is defined and tftpd_secure_config_line.matched > 0
+
+- name: "Insert correct config line to start TFTP server with secure directory"
+  lineinfile:
+    path: "/etc/xinetd.d/tftp"
+    line: "server_args = -s {{ tftpd_secure_directory }}"
+    state: present
+    create: true
+  when: tftpd_secure_config_line is defined and tftpd_secure_config_line.matched == 0