0eef112699
This patch refactors the login.defs adjustments into a single task that loops over a variable. It also adds tasks for RHEL-07-010200, RHEL-07-010420, and RHEL-07-020230. Documentation is included. Implements: blueprint security-rhel7-stig Change-Id: I7c1f869d87338547da8943d5aa506ceb871cee68
17 lines
372 B
ReStructuredText
17 lines
372 B
ReStructuredText
---
|
|
id: RHEL-07-020230
|
|
status: implemented
|
|
tag: auth
|
|
---
|
|
|
|
The umask for authenticated users is set to ``077`` by the tasks in the
|
|
security role. This is the default for Ubuntu, CentOS, and Red Hat Enterprise
|
|
Linux already.
|
|
|
|
Deployers can choose a different umask value by setting the following Ansible
|
|
variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_shadow_utils_umask: 077
|