30 lines
722 B
YAML
30 lines
722 B
YAML
---
|
|
- name: Ensure cron and at access files exist
|
|
when: cis_effective_rules.cron_at_access | default(false)
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: touch
|
|
mode: "0600"
|
|
loop:
|
|
- /mnt/etc/at.allow
|
|
- /mnt/etc/cron.allow
|
|
|
|
- name: Ensure TCP wrapper files exist
|
|
when: cis_effective_rules.tcp_wrappers | default(false)
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: touch
|
|
mode: "0600"
|
|
loop:
|
|
- /mnt/etc/hosts.allow
|
|
- /mnt/etc/hosts.deny
|
|
|
|
- name: Ensure cron and at deny files do not exist
|
|
when: cis_effective_rules.cron_at_access | default(false)
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- /mnt/etc/at.deny
|
|
- /mnt/etc/cron.deny
|