Merge pull request #100 from ansible-lockdown/alignment
Alignment
uk-bolly authored Sep 26, 2023
2 parents ad2c8b7 + 19647c7 commit 129c3b0
Showing 4 changed files with 4 additions and 6 deletions.
2 changes: 0 additions & 2 deletions .ansible-lint
Expand Up @@ -6,12 +6,10 @@ skip_list:
- 'schema'
- 'no-changed-when'
- 'var-spacing'
- 'fqcn-builtins'
- 'experimental'
- 'name[play]'
- 'name[casing]'
- 'name[template]'
- 'fqcn[action]'
- 'key-order[task]'
- '204'
- '305'
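Review bot: the header counts 2 deletions from skip_list, which turns two lint rules back on for the whole role, yet the commit message ("Alignment") does not say which rules were re-enabled or that the existing tasks pass them; name them in the message. The list also still carries the numeric ids '204' and '305' next to the name-based ids, so if the goal is alignment, consider replacing them with their named equivalents, or dropping them if they no longer match a rule.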
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -78,7 +78,7 @@ This can be turned on or off within the defaults/main.yml file with the variable

This is a much quicker, very lightweight, checking (where possible) config compliance and live/running settings.

A new form of auditing has been develeoped, by using a small (12MB) go binary called [goss](https://github.com/aelsabbahy/goss) along with the relevant configurations to check. Without the need for infrastructure or other tooling.
A new form of auditing has been developed, by using a small (12MB) go binary called [goss](https://github.com/goss-org/goss) along with the relevant configurations to check. Without the need for infrastructure or other tooling.
This audit will not only check the config has the correct setting but aims to capture if it is running with that configuration also trying to remove [false positives](https://www.mindpointgroup.com/blog/is-compliance-scanning-still-relevant/) in the process.

Refer to [UBUNTU22-CIS-Audit](https://github.com/ansible-lockdown/UBUNTU22-CIS-Audit).
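Review bot: the changed README line still ends in a sentence fragment ("Without the need for infrastructure or other tooling.") and writes "go binary" in lower case; since the line is already being touched for the typo and the goss URL, fold the fragment into the sentence before it, e.g. "... along with the relevant configurations to check, without the need for infrastructure or other tooling." The unchanged line that follows ("... with that configuration also trying to remove ...") is a run-on that could be split in the same pass.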
2 changes: 1 addition & 1 deletion tasks/section_1/cis_1.8.x.yml
Expand Up @@ -72,7 +72,7 @@
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
insertafter: "{{ item.after | default(omit) }}"
create: yes
create: true
loop:
- { regexp: 'user-db:user', line: 'user-db:user' }
- { regexp: 'system-db:{{ ubtu22cis_dconf_db_name }}', line: 'system-db:{{ ubtu22cis_dconf_db_name }}', after: '^user-db.*' }
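Review bot: next to `create: true`, no `mode`, `owner` or `group` appears among the parameters shown (regexp, line, insertafter, create), so when the target file is missing it is created with whatever the runner's umask yields. If these are not set above the visible lines, add an explicit `mode:` (and owner/group) so the hardening role does not depend on the environment for the permissions of a file it creates.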
4 changes: 2 additions & 2 deletions tasks/section_4/cis_4.2.1.x.yml
Expand Up @@ -8,13 +8,13 @@
failed_when: false
register: ubtu22cis_4_2_1_2_status

- name: "4.2.2.2 | AUDIT | Ensure journald service is enabled | Alert on bad status"
- name: "4.2.1.2 | AUDIT | Ensure journald service is enabled | Alert on bad status"
ansible.builtin.debug:
msg:
- "Warning!! The status of systemd-journald should be static and it is not. Please investigate"
when: "'static' not in ubtu22cis_4_2_1_2_status.stdout"

- name: "4.2.2.2 | AUDIT | Ensure journald service is enabled | Warn Count"
- name: "4.2.1.2 | AUDIT | Ensure journald service is enabled | Warn Count"
ansible.builtin.import_tasks:
file: warning_facts.yml
when: "'static' not in ubtu22cis_4_2_1_2_status.stdout"
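Review bot: because the registered check runs with `failed_when: false`, a command that errors leaves stdout without 'static', and both renamed tasks then fire on `when: "'static' not in ubtu22cis_4_2_1_2_status.stdout"` with a message that blames the unit state rather than the failed check; consider also testing the registered return code, or wording the warning to cover that case. The hunk is cut off after the Warn Count task's `when:`, so if a control id is passed to warning_facts.yml below it, confirm it was renumbered to 4.2.1.2 as well.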