The task sysctl fails when /etc/initramfs-tools is not present

[BboyKeen]

Hi,

When I tried to run the playbook on a Debian Jessie 8.2 (Scaleway image : https://github.com/scaleway/image-debian), the task sysctl failed with the following message :

TASK [dev-sec.os-hardening : rebuild initramfs with starting pack of modules, if module loading at runtime is disabled] ***
fatal: [app0]: FAILED! => {"changed": true, "failed": true, "msg": "Destination directory /etc/initramfs-tools does not exist"}

I suppose that a simple fix would be adding a task ensuring that the directory is present :

- name: Create initramfs-tools directory
  file: path=/etc/initramfs-tools state=directory mode=0755

But I wonder why I have this issue as I don't have it with this Vagrant box https://atlas.hashicorp.com/bento/boxes/debian-8.2

[rndmh3ro]

I don't know why this happens but I'll try to reproduce it. Is this an ARM machine or x86?

[BboyKeen]

This an x86 machine. I use a C2S server.

[rndmh3ro]

Okay, the reason seems to be that Debian 8 does not come with initramfs-tools installed by default.

The bento boxes however install linux-image-$arch (see https://github.com/chef/bento/blob/2.3.2/scripts/debian/update.sh#L7) and initramfs-tools is a dependency of linux-image-$arch.

I'm going to make a PR that installs initramfs-tools if it is not installed and when: ansible_os_family == 'Debian' and os_security_kernel_enable_module_loading

[rndmh3ro]

The fix in branch fix_111 works.

[BboyKeen]

Thanks for your explanation. I merge your fix in my fork and come back to you soon.

[portela-simbiose]

Just for the record, I had the same problem with Ubuntu 16.04 which apparently didn't come with initramfs-tools installed. Using #114 did solve this issue.

[rndmh3ro]

fixed in #114