Skip to content

Commit

Permalink
Merge pull request dev-sec#69 from dev-sec/always_run_task
Browse files Browse the repository at this point in the history 
add always_run: true to task. fix dev-sec#64
  • Loading branch information
Sebastian Gumprich committed Jun 13, 2016
2 parents b2f5969 + 6c42c7f commit 6b40cfe
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,14 @@
command: getenforce
register: sestatus
failed_when: false
ignore_errors: true
changed_when: false
always_run: true

- name: check the ssh_password policy state
shell: semodule -l | grep "ssh_password" | awk '{print $3}'
shell: semodule -l | grep "ssh_password" | awk '{print $3}'
register: selinux_policy_state
when: sestatus.rc == 0 and sestatus.stdout != 'Disabled'
failed_when: false
changed_when: false

- name: create sshd_config and set permissions to root/600
Expand Down

0 comments on commit 6b40cfe

Please sign in to comment.