Skip to content

Commit

Permalink
Updated defaults/main.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
@dmc5179
ComplianceAsCode development team authored and dmc5179 committed Aug 9, 2022
1 parent f81d24c commit 7ce8ddc
Showing 1 changed file with 36 additions and 2 deletions.
38 changes: 36 additions & 2 deletions defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
---
# defaults file for rhel8_rht_ccp
var_system_crypto_policy: FIPS
var_authselect_profile: sssd
var_password_pam_unix_remember: '5'
var_accounts_passwords_pam_faillock_deny: '5'
var_password_pam_dcredit: '-1'
Expand All @@ -11,14 +12,43 @@ var_password_pam_retry: '3'
var_password_pam_ucredit: '-2'
var_password_hashing_algorithm: SHA512
var_accounts_minimum_age_login_defs: '7'
var_accounts_password_minlen_login_defs: '6'
var_accounts_password_warn_age_login_defs: '7'
var_selinux_policy_name: targeted
var_selinux_state: enforcing
sshd_idle_timeout_value: '300'
sshd_listening_port: '22'
DISA_STIG_RHEL_08_010010: true
DISA_STIG_RHEL_08_010020: true
DISA_STIG_RHEL_08_010040: true
DISA_STIG_RHEL_08_010110: true
DISA_STIG_RHEL_08_010151: true
DISA_STIG_RHEL_08_010159: true
DISA_STIG_RHEL_08_010160: true
DISA_STIG_RHEL_08_010170: true
DISA_STIG_RHEL_08_010287: true
DISA_STIG_RHEL_08_010300: true
DISA_STIG_RHEL_08_010310: true
DISA_STIG_RHEL_08_010330: true
DISA_STIG_RHEL_08_010340: true
DISA_STIG_RHEL_08_010359: true
DISA_STIG_RHEL_08_010370: true
DISA_STIG_RHEL_08_010450: true
DISA_STIG_RHEL_08_010550: true
DISA_STIG_RHEL_08_010830: true
DISA_STIG_RHEL_08_020010: true
DISA_STIG_RHEL_08_020104: true
DISA_STIG_RHEL_08_020110: true
DISA_STIG_RHEL_08_020120: true
DISA_STIG_RHEL_08_020130: true
DISA_STIG_RHEL_08_020170: true
DISA_STIG_RHEL_08_020190: true
DISA_STIG_RHEL_08_020280: true
DISA_STIG_RHEL_08_020330: true
DISA_STIG_RHEL_08_020331: true
DISA_STIG_RHEL_08_040000: true
DISA_STIG_RHEL_08_040023: true
DISA_STIG_RHEL_08_040101: true
accounts_minimum_age_login_defs: true
accounts_password_minlen_login_defs: true
accounts_password_pam_dcredit: true
accounts_password_pam_difok: true
accounts_password_pam_lcredit: true
Expand All @@ -33,6 +63,7 @@ configure_ssh_crypto_policy: true
configure_strategy: true
disable_host_auth: true
disable_strategy: true
enable_authselect: true
enable_strategy: true
ensure_gpgcheck_globally_activated: true
ensure_gpgcheck_never_disabled: true
Expand Down Expand Up @@ -71,6 +102,7 @@ no_empty_passwords: true
no_reboot_needed: true
package_aide_installed: true
package_telnet_removed: true
package_telnet_server_removed: true
patch_strategy: true
reboot_required: true
require_singleuser_auth: true
Expand All @@ -83,6 +115,8 @@ service_firewalld_enabled: true
service_telnet_disabled: true
set_password_hashing_algorithm_libuserconf: true
set_password_hashing_algorithm_logindefs: true
set_password_hashing_algorithm_passwordauth: true
set_password_hashing_algorithm_systemauth: true
skip_ansible_lint: true
sshd_allow_only_protocol2: true
sshd_disable_empty_passwords: true
Expand Down

0 comments on commit 7ce8ddc

Please sign in to comment.