Skip to content

Commit

Permalink
Fixes case sensitive umask setting
Browse files Browse the repository at this point in the history
Signed-off-by: Dan D <daniel.deremiah@windriver.com>
  • Loading branch information
dderemiah committed Nov 29, 2023
1 parent f5d0a54 commit c6627a0
Showing 1 changed file with 6 additions and 7 deletions.
13 changes: 6 additions & 7 deletions tasks/section_4/cis_4.5.x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,14 +75,13 @@

- name: "4.5.4 | PATCH | Ensure default user umask is 027 or more restrictive"
ansible.builtin.lineinfile:
path: "{{ item }}"
regexp: '(?i)(umask\s*)'
line: '\g<1>{{ ubtu20cis_bash_umask }}'
backrefs: true
path: "{{ item.path }}"
regexp: '(?i)(umask\s*\d\d\d)'
line: '{{ item.line }} {{ ubtu22cis_bash_umask }}'
with_items:
- /etc/bash.bashrc
- /etc/profile
- /etc/login.defs
- { path: '/etc/bash.bashrc', line: 'umask' }
- { path: '/etc/profile', line: 'umask' }
- { path: '/etc/login.defs', line: 'UMASK' }

- name: "4.5.4 | PATCH | Ensure default user umask is 027 or more restrictive"
ansible.builtin.lineinfile:
Expand Down

0 comments on commit c6627a0

Please sign in to comment.