Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug - Nobody gets ownership of / #23

Closed
kris9854 opened this issue Sep 12, 2022 · 3 comments
Closed

Bug - Nobody gets ownership of / #23

kris9854 opened this issue Sep 12, 2022 · 3 comments
Assignees
Labels
bug Something isn't working

Comments

@kris9854
Copy link
Contributor

kris9854 commented Sep 12, 2022

Describe the Issue
Bug: The nobody account gets ownership of /. Following the rhel8-cis hardning it should be skipped when nobody's path is set.

Expected Behavior
The role should ensure that all users own their home directories. Though this shouldn't be for the nobody account.

Additional Notes
Before change the task looks like:

- name: "6.2.10 | PATCH | Ensure users own their home directories"
  file:
      path: "{{ item.dir }}"
      owner: "{{ item.id }}"
      state: directory
  with_items: "{{ rhel9cis_passwd }}"
  loop_control:
      label: "{{ rhel9cis_passwd_label }}"
  when:
      - min_int_uid | int <= item.uid
      - rhel9cis_rule_6_2_10
  tags:
      - skip_ansible_lint  # settings found on 6_2_7
      - level1-server
      - level1-workstation
      - automated
      - patch
      - users
      - rule_6.2.10

Possible Solution:

- name: "6.2.10 | PATCH | Ensure users own their home directories"
  file:
      path: "{{ item.dir }}"
      owner: "{{ item.id }}"
      state: directory
  with_items: "{{ rhel9cis_passwd }}"
  loop_control:
      label: "{{ rhel9cis_passwd_label }}"
  when:
      - min_int_uid | int <= item.uid
      - item.id != 'nobody' #added from rhel8 role to fix nobody own /
      - rhel9cis_rule_6_2_10
  tags:
      - skip_ansible_lint  # settings found on 6_2_7
      - level1-server
      - level1-workstation
      - automated
      - patch
      - users
      - rule_6.2.10
@kris9854 kris9854 added the bug Something isn't working label Sep 12, 2022
@uk-bolly
Copy link
Member

uk-bolly commented Sep 12, 2022

hi @kris9854

Thank you for raising the issue, feedback like this helps us to improve. I believe this is resolved under a PR that is outstanding. I will follow this up to confirm and try to get the merge carried out asap.

Thank you again for the feedback it is appreciated.

regards

uk-bolly

@uk-bolly
Copy link
Member

Hi @kris9854

Thank you again for your feedback. This appears to have been resolved in #18 ? Please let us know if this is still an issue?

many thanks

uk-bolly

@kris9854
Copy link
Contributor Author

Hej @uk-bolly, just forgot to close it after PR. Sorry

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants