Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Oracle Linux rhel8stig_bootloader_path and RHEL-08-020030 fix #253

Merged
merged 2 commits into from
Feb 20, 2024
Merged

Oracle Linux rhel8stig_bootloader_path and RHEL-08-020030 fix #253

merged 2 commits into from
Feb 20, 2024

Conversation

BillSkiCO
Copy link
Contributor

Addressing Oracle Linux distribution identification issue #239

Overall Review of Changes:

  • Oracle Linux distribution was being incorrectly identified in the prelim.yml task
  • RHEL-08-020030 related task fails if lock-enabled is already defined in dconf

Issue Fixes:
Resolves #239
Resolves #241

Enhancements:
N/A

How has this been tested?:

  • Ansible 2.16
  • Oracle Linux 8.8
  1. Observed successful variable assignment of rhel8stig_bootloader_path to /boot/efi/EFI/redhat
TASK [ansible-lockdown.RHEL8-STIG : PRELIM | set fact if UEFI boot | Oracle Linux] *******
ok: [localhost] => {"ansible_facts": {"rhel8stig_bootloader_path": "/boot/efi/EFI/redhat", "rhel8stig_legacy_boot": false}, "changed": false}
...
...
...
TASK [ansible-lockdown.RHEL8-STIG : PRELIM | output bootloader and efi state] ************
ok: [localhost] => {
    "msg": [
        "bootloader path set to /boot/efi/EFI/redhat",
        "legacy boot equals False"
    ]
}
  1. Observed successful enforcement of lock-enabled=true if lock-enabled was already implemented in dconf

@BillSkiCO
Update prelim.yml
d8775a0 
Update prelim.yml
Addressing Oracle Linux distribution identification issue ansible-lockdown#239

Signed-off-by: William Golembieski <william@armoryanalytics.com>
@BillSkiCO
Update fix-cat2.yml
a94b0ec 
Addressing issue ansible-lockdown#241

Signed-off-by: William Golembieski <william@armoryanalytics.com>
uk-bolly
uk-bolly approved these changes Feb 20, 2024
View reviewed changes
Copy link
Member

@uk-bolly uk-bolly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great fixes thank you

@uk-bolly uk-bolly merged commit 41a8e29 into ansible-lockdown:devel Feb 20, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@uk-bolly uk-bolly uk-bolly approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

RHEL-08-020030 failure if control in place already Oracle Linux Distribution not identified correctly
2 participants
@BillSkiCO @uk-bolly