Merge pull request #45 from ansible-lockdown/sept30_24

Sept30 24
ansible-lockdown · Oct 3, 2024 · 8474963 · 8474963
2 parents e6ec0da + ff93186
commit 8474963
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -1,4 +1,4 @@
-# Ubuntu22CIS
+# RHEL9STIG
 
 ## 1.2.1 Based on STIG V1R2 Jan24 2024
 

diff --git a/tasks/Cat2/RHEL-09-23xxxx.yml b/tasks/Cat2/RHEL-09-23xxxx.yml
@@ -1958,7 +1958,7 @@
     warn_control_id: "MEDIUM | RHEL-09-232260"
   block:
     - name: "MEDIUM | RHEL-09-232260 | AUDIT | RHEL 9 must be configured so that all system device files are correctly labeled to prevent unauthorized modification. | / scan"
-      ansible.builtin.shell: find / -context *:unlabeled_t:* \( -type c -o -type b \) -printf "%p %Z"
+      ansible.builtin.shell: find /dev -context *:unlabeled_t:* \( -type c -o -type b \) -printf "%p %Z" | grep -v 'vmci'
       changed_when: false
       failed_when: rhel9stig_unlabelled_files.rc not in [ 0, 1 ]
       register: rhel9stig_unlabelled_files

diff --git a/tasks/post_remediation_audit.yml b/tasks/post_remediation_audit.yml
@@ -35,7 +35,7 @@
     - audit_format == "documentation"
   block:
     - name: Post Audit | Capture audit data if documentation format
-      ansible.builtin.shell: "tail -2 /opt/audit_ubuntu2204-CIS-UBUNTU22_1720624848.documentation"
+      ansible.builtin.shell: "tail -2 {{ post_audit_outfile }}"
       register: post_audit_summary
       changed_when: false