sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs(cis): add comment explaining squashfs/snap Ubuntu exclusion

Browse Source
This commit is contained in:
Sandwich
2026-02-21 02:38:58 +01:00
parent e81ba76446
commit 221bb4d517
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
roles/cis/tasks/modules.yml
View File

@@ -1,6 +1,7 @@
--- ---
- name: Disable Kernel Modules - name: Disable Kernel Modules
vars: vars:
# Ubuntu uses squashfs for snap packages — blacklisting it breaks snap entirely
cis_modules_squashfs: "{{ [] if os in ['ubuntu', 'ubuntu-lts'] else ['squashfs'] }}" cis_modules_squashfs: "{{ [] if os in ['ubuntu', 'ubuntu-lts'] else ['squashfs'] }}"
cis_modules_all: "{{ cis_cfg.modules_blacklist + cis_modules_squashfs }}" cis_modules_all: "{{ cis_cfg.modules_blacklist + cis_modules_squashfs }}"
ansible.builtin.copy: ansible.builtin.copy: