portfolio/infra-run/ansible/roles/cis-aix7-hardening/handlers/main.yml

---
- name: Validate sshd configuration
  ansible.builtin.command: "{{ cis_sshd_test_command }}"
  changed_when: false
  listen: validate sshd

- name: Restart sshd using SRC
  ansible.builtin.shell: |
    set -o pipefail
    if lssrc -s sshd >/dev/null 2>&1; then
      stopsrc -s sshd >/dev/null 2>&1 || true
      startsrc -s sshd
    fi
  args:
    executable: /bin/ksh
  changed_when: true
  listen: restart sshd

- name: Refresh inetd
  ansible.builtin.command: refresh -s inetd
  changed_when: true
  failed_when: false
  listen: refresh inetd

- name: Refresh syslog
  ansible.builtin.command: refresh -s syslogd
  changed_when: true
  failed_when: false
  listen: refresh syslog

- name: Restart audit subsystem
  ansible.builtin.shell: |
    set -o pipefail
    if lssrc -s audit >/dev/null 2>&1; then
      stopsrc -s audit >/dev/null 2>&1 || true
      startsrc -s audit
    else
      audit start
    fi
  args:
    executable: /bin/ksh
  changed_when: true
  when: cis_enable_audit | bool
  listen: restart audit