Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

4.2.1.5 conflicts with itself on cron, auth logs #203

Closed
scottdoane opened this issue May 24, 2022 · 1 comment
Closed

4.2.1.5 conflicts with itself on cron, auth logs #203

scottdoane opened this issue May 24, 2022 · 1 comment
Assignees
@uk-bolly

Comments

@scottdoane
Copy link

scottdoane commented May 24, 2022
edited

The auth and cron stanzas appear to be checking against the same line BEGIN Auth SETTINGS (ANSIBLE MANAGED), overwriting each other on every run.

TASK [RHEL8-CIS : 4.2.1.5 | PATCH | Ensure logging is configured | Auth Settings] ********************************************************************
--- before: /etc/rsyslog.conf (content)
+++ after: /etc/rsyslog.conf (content)
@@ -37,8 +37,8 @@

 #### RULES ####
 #BEGIN Auth SETTINGS (ANSIBLE MANAGED)
-# Cron settings to meet CIS standards
-cron.*                                                   /var/log/cron
+# Private settings to meet CIS standards
+auth,authpriv.*                                          -/var/log/secure
 #END Auth SETTINGS (ANSIBLE MANAGED)
 #BEGIN LOCAL LOG SETTINGS (ANSIBLE MANAGED)
 # local log settings to meet CIS standards

TASK [RHEL8-CIS : 4.2.1.5 | PATCH | Ensure logging is configured | Cron Settings] ********************************************************************
--- before: /etc/rsyslog.conf (content)
+++ after: /etc/rsyslog.conf (content)
@@ -37,8 +37,8 @@

 #### RULES ####
 #BEGIN Auth SETTINGS (ANSIBLE MANAGED)
-# Private settings to meet CIS standards
-auth,authpriv.*                                          -/var/log/secure
+# Cron settings to meet CIS standards
+cron.*                                                   /var/log/cron
 #END Auth SETTINGS (ANSIBLE MANAGED)
 #BEGIN LOCAL LOG SETTINGS (ANSIBLE MANAGED)
 # local log settings to meet CIS standards

Expected Behavior
Both cron and auth logs configurations should exist

Control(s) Affected
4.2.1.5

Environment (please complete the following information):

Ansible Version: 2.9.27
Host Python Version: 3.6.8
Ansible Server Python Version: 3.6.8
Additional Details:
uk-bolly added a commit that referenced this issue Jun 8, 2022
@uk-bolly
issue #203 change block marker
d728b88 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
@uk-bolly uk-bolly mentioned this issue Jun 8, 2022
Merged
@uk-bolly uk-bolly self-assigned this Jun 8, 2022
@uk-bolly uk-bolly mentioned this issue Jun 30, 2022
Merged
@georgenalen
Copy link
Contributor

This was addressed in release 2.1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@uk-bolly uk-bolly

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scottdoane @georgenalen @uk-bolly