f422da8599
Add support for the openSUSE Leap distributions. The security rules are similar to the RedHat and Ubuntu ones. We also replace ansible_os_family with ansible_pkg_mgr since the former does not return consistent results across different SUSE distributions especially on older Ansible versions. Change-Id: I20ffe17039bb641aad70d8123f0b7e7417a42cba
540 B
540 B
---id: V-72275 status: verification only tag: auth ---
The PAM configuration is checked for the presence of
pam_lastlogin and a warning message is printed if the
directive is not found. The tasks in the security role do not adjust PAM
configurations since these changes might be disruptive in some
environments.
Deployers should review their PAM configurations and add
pam_lastlogin to /etc/pam.d/postlogin on
CentOS and Red Hat Enterprise Linux or to /etc/pam.d/login
on Ubuntu, openSUSE Leap and SUSE Linux Enterprise.