openstack/ansible-hardening
Code Issues Proposed changes

Merge "Remove outdated tasks Move AIDE database into place / Create AIDE cron job"

Browse Source
This commit is contained in:
Zuul
2025-10-18 11:22:21 +00:00
committed by Gerrit Code Review
parent d368589232 4a62cfd767
commit 11fdf775b2
1 changed files with 0 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
tasks/rhel7stig/aide.yml
View File

@@ -90,34 +90,3 @@
- medium
- aide
- V-71973
# NOTE(mhayden): This is only needed for CentOS 7, RHEL 7 and SUSE since Ubuntu
# copies the new AIDE database into place automatically with its AIDE wrapper
# script.
- name: Move AIDE database into place
ansible.builtin.command: "mv {{ aide_database_out_file }} {{ aide_database_file }}"
changed_when: false
when:
- aide_init is not skipped
- ansible_facts['pkg_mgr'] == 'dnf'
tags:
- medium
- aide
- V-71973
# NOTE(mhayden): This is only needed for CentOS 7, RHEL 7 and SUSE since the AIDE
# package doesn't come with a cron job file. Ubuntu packages a cron job for
# AIDE checks already.
- name: Create AIDE cron job
ansible.builtin.cron:
name: aide
cron_file: aide
user: root
special_time: daily
job: "/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily aide integrity check run\" root"
when:
- ansible_facts['pkg_mgr'] == 'dnf'
tags:
- medium
- aide
- V-71975