From 7ac7099dc10eb9ddc91be7ff529ececdad3fd006 Mon Sep 17 00:00:00 2001
From: Jack Hodgkiss <identity@jackhodgkiss.uk>
Date: Thu, 16 Jan 2025 11:07:14 +0000
Subject: [PATCH] feat: disable `TMOUT` for development environments

To avoid disruption to development work, disable the shell timeout for
inactivity in the CIS hardening configuration for the `ci-aio` and
`ci-multinode` environments.
---
 .../inventory/group_vars/cis-hardening/cis       | 16 ++++++++++++++++
 .../inventory/group_vars/cis-hardening/cis       | 16 ++++++++++++++++
 ...emove-tmout-for-dev-env-0778550b353dce03.yaml |  6 ++++++
 3 files changed, 38 insertions(+)
 create mode 100644 etc/kayobe/environments/ci-aio/inventory/group_vars/cis-hardening/cis
 create mode 100644 etc/kayobe/environments/ci-multinode/inventory/group_vars/cis-hardening/cis
 create mode 100644 releasenotes/notes/remove-tmout-for-dev-env-0778550b353dce03.yaml

diff --git a/etc/kayobe/environments/ci-aio/inventory/group_vars/cis-hardening/cis b/etc/kayobe/environments/ci-aio/inventory/group_vars/cis-hardening/cis
new file mode 100644
index 000000000..50084c72f
--- /dev/null
+++ b/etc/kayobe/environments/ci-aio/inventory/group_vars/cis-hardening/cis
@@ -0,0 +1,16 @@
+---
+##############################################################################
+# Rocky 9 CIS Hardening Configuration
+
+# Disable shell timeout for inactivity which can be disruptive to
+# development work.
+rhel9cis_rule_5_4_3_2: false
+
+##############################################################################
+# Ubuntu Jammy CIS Hardening Configuration
+
+# Disable shell timeout for inactivity which can be disruptive to
+# development work.
+ubtu22cis_rule_5_4_3_2: false
+
+##############################################################################
diff --git a/etc/kayobe/environments/ci-multinode/inventory/group_vars/cis-hardening/cis b/etc/kayobe/environments/ci-multinode/inventory/group_vars/cis-hardening/cis
new file mode 100644
index 000000000..50084c72f
--- /dev/null
+++ b/etc/kayobe/environments/ci-multinode/inventory/group_vars/cis-hardening/cis
@@ -0,0 +1,16 @@
+---
+##############################################################################
+# Rocky 9 CIS Hardening Configuration
+
+# Disable shell timeout for inactivity which can be disruptive to
+# development work.
+rhel9cis_rule_5_4_3_2: false
+
+##############################################################################
+# Ubuntu Jammy CIS Hardening Configuration
+
+# Disable shell timeout for inactivity which can be disruptive to
+# development work.
+ubtu22cis_rule_5_4_3_2: false
+
+##############################################################################
diff --git a/releasenotes/notes/remove-tmout-for-dev-env-0778550b353dce03.yaml b/releasenotes/notes/remove-tmout-for-dev-env-0778550b353dce03.yaml
new file mode 100644
index 000000000..59e8d472c
--- /dev/null
+++ b/releasenotes/notes/remove-tmout-for-dev-env-0778550b353dce03.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Disable the CIS hardening rule ``*_rule_5_4_3_2`` to prevent ``TMOUT``
+    from being applied which can disrupt a development environment as it
+    closes ``TMUX`` panes and servers and may close active ssh session.