Add RHEL 9 CIS-inspired hardening playbook
This commit is contained in:
@@ -0,0 +1,24 @@
|
||||
---
|
||||
- name: Validate sshd configuration
|
||||
ansible.builtin.command: sshd -t
|
||||
changed_when: false
|
||||
listen: validate sshd
|
||||
|
||||
- name: Reload sshd
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: reloaded
|
||||
listen: reload sshd
|
||||
|
||||
- name: Restart auditd
|
||||
ansible.builtin.service:
|
||||
name: auditd
|
||||
state: restarted
|
||||
use: service
|
||||
listen: restart auditd
|
||||
|
||||
- name: Restart rsyslog
|
||||
ansible.builtin.service:
|
||||
name: rsyslog
|
||||
state: restarted
|
||||
listen: restart rsyslog
|
||||
Reference in New Issue
Block a user