fix(auditd): add lint and debug

dbmurphy · Jan 10, 2024 · b2575a9 · b2575a9
1 parent 2dd988d
commit b2575a9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 5 deletions.
diff --git a/roles/cis_security/tasks/type-files/redhat-7-type.yml b/roles/cis_security/tasks/type-files/redhat-7-type.yml
@@ -1616,12 +1616,21 @@
         - {find: '^admin_space_left_action\s+=\s+((?!suspend).)*$', replace: 'admin_space_left_action = suspend'} # 4.1.1.2
       notify: Restart auditd
       tags:
-        - 4.1.1.2
-        - 4.1.1.3
+        - 4.1.2.1
+        - 4.1.2.2
+        - 4.1.2.3
+
+    - name: 4.1.2.[1-2] - Get AuditD config
+      ansible.builtin.shell: cat /etc/audit/auditd.conf
+      register: auditd_conf
+      tags:
+        - 4.1.2.1
+        - 4.1.2.2
+        - 4.1.2.3
 
-    - name: 4.1.2.[1-2] - Print new AuditD config
+    - name: 4.1.2.[1-2] - Print AutidD config
       ansible.builtin.debug:
-        msg: "{{ lookup('file', '/etc/audit/auditd.conf') }}"
+        msg: "{{ auditd_conf.stdout }}"
       tags:
         - 4.1.2.1
         - 4.1.2.2

diff --git a/roles/cis_security/tasks/type-files/ubuntu-18-type.yml b/roles/cis_security/tasks/type-files/ubuntu-18-type.yml
@@ -1576,8 +1576,17 @@
         - 4.1.2.2
         - 4.1.2.3
 
-    - name: 4.1.2.[1-2] - Print new AuditD config on remote host
+    - name: 4.1.2.[1-2] - Get AuditD config
       ansible.builtin.shell: cat /etc/audit/auditd.conf
+      register: auditd_conf
+      tags:
+        - 4.1.2.1
+        - 4.1.2.2
+        - 4.1.2.3
+
+    - name: 4.1.2.[1-2] - Print AutidD config
+      ansible.builtin.debug:
+        msg: "{{ auditd_conf.stdout }}"
       tags:
         - 4.1.2.1
         - 4.1.2.2