Comment out accounts tag from clamav.yml #21

Workflow file for this run

.github/workflows/ansible-playbook.yml at 86f7fce

	name: ansible-playbook
	on: [push, pull_request]

	env:
	ANSIBLE_FORCE_COLOR: '1'

	jobs:
	banners:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Ansible playbook for banners
	run: ansible-playbook -v harden.yml --tags banners --extra-vars run_lynis_after_hardening=true
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-banner.log
	path: /var/log/lynis.log
	authentication:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group authentication
	- name: Run Ansible playbook for passwords, pam & umask
	run: ansible-playbook harden.yml --tags passwords,pam,umask,accounts --skip-tags slackware,centos
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group authentication
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-authentication.log
	path: /var/log/lynis.log
	accounting:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group accounting
	- name: Run Ansible playbook for accounting, audit & sysstat
	run: ansible-playbook harden.yml --tags accounting,audit,sysstat --skip-tags slackware,centos
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group accounting
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-accounting.log
	path: /var/log/lynis.log
	scheduling:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group scheduling
	- name: Run Ansible playbook for cron
	run: ansible-playbook harden.yml --tags cron --skip-tags slackware
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group scheduling
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-scheduling.log
	path: /var/log/lynis.log
	shells:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group shells
	- name: Run Ansible playbook for umask & shells
	run: ansible-playbook harden.yml --tags umask,shells --skip-tags slackware
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group shells
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-shells.log
	path: /var/log/lynis.log
	malware:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group malware
	- name: Install jmespath
	run: sudo pipx inject ansible-core jmespath
	- name: Run Ansible playbook for clamav, rkhunter & chkrootkit
	run: ansible-playbook harden.yml --tags clamav,rkhunter,chkrootkit --skip-tags slackware,yara
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group malware
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-malware.log
	path: /var/log/lynis.log
	mac_frameworks:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group mac_frameworks
	- name: Run Ansible playbook for apparmor
	run: ansible-playbook harden.yml --tags apparmor
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group mac_frameworks
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-mac_frameworks.log
	path: /var/log/lynis.log
	file_permissions:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group file_permissions
	- name: Run Ansible playbook for cron & permissions
	run: ansible-playbook harden.yml --tags cron,permissions --skip-tags slackware
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group file_permissions
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-file_permissions.log
	path: /var/log/lynis.log
	kernel_hardening:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group kernel_hardening
	- name: Run Ansible playbook for kernel
	run: ansible-playbook harden.yml --tags kernel
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group kernel_hardening
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-kernel_hardening.log
	path: /var/log/lynis.log
	file_integrity:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Lynis
	run: ansible-playbook -v harden.yml --tags lynis --skip-tags slackware,centos
	- name: Run Lynis (pre-harden)
	run: sudo lynis audit system --skip-plugins --tests-from-group file_integrity
	- name: Run Ansible playbook for kernel
	run: ansible-playbook harden.yml --tags aide
	- name: Run Lynis
	run: sudo lynis audit system --skip-plugins --tests-from-group file_integrity
	- name: chmod Lynis log
	run: sudo chmod -c 644 /var/log/lynis.log
	- name: Archive Lynis log
	uses: actions/upload-artifact@v4
	with:
	name: lynis-file_integrity.log
	path: /var/log/lynis.log

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comment out accounts tag from clamav.yml #21

Workflow file

Comment out accounts tag from clamav.yml #21

Jobs

Run details

Workflow file for this run