Ansible-Bootstrap/roles/cis/defaults/main.yml

---
cis_permission_targets:
  - {path: "/mnt/etc/ssh/sshd_config", mode: "0600"}
  - {path: "/mnt/etc/cron.hourly", mode: "0700"}
  - {path: "/mnt/etc/cron.daily", mode: "0700"}
  - {path: "/mnt/etc/cron.weekly", mode: "0700"}
  - {path: "/mnt/etc/cron.monthly", mode: "0700"}
  - {path: "/mnt/etc/cron.d", mode: "0700"}
  - {path: "/mnt/etc/crontab", mode: "0600"}
  - {path: "/mnt/etc/logrotate.conf", mode: "0644"}
  - {path: "/mnt/usr/sbin/pppd", mode: "0754"}
  - {path: "/mnt/usr/bin/{{ cis_fusermount_binary }}", mode: "0755"}
  - {path: "/mnt/usr/bin/{{ cis_write_binary }}", mode: "0755"}