Skip to content

Commit

Permalink
fix: idempotency molecule issue fixed for logfiles and prevent skippi…
Browse files Browse the repository at this point in the history
…ng 0600 ansible-lockdown#173

Signed-off-by: rjacobs1990 <[email protected]>
  • Loading branch information
rjacobs1990 committed Feb 12, 2024
1 parent c805ee3 commit 8652390
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion tasks/section_4/cis_4.2.3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
- name: "4.2.3 | PATCH | Ensure permissions on all logfiles are configured | change permissions"
ansible.builtin.file:
path: "{{ item.path }}"
mode: "{% if item.mode != '0600' %}0640{% endif %}"
mode: "{{ '0640' if item.mode != '0600' else '0600' }}"
loop: "{{ logfiles.files }}"
loop_control:
label: "{{ item.path }}"
Expand Down

0 comments on commit 8652390

Please sign in to comment.