Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Most likely wrong variable is used at "5.1.4 | PATCH | Ensure permissions on all logfiles are configured | change permissions" #387

Closed
csabapatyi opened this issue Jun 24, 2024 · 1 comment
Assignees
Labels
bug Something isn't working

Comments

@csabapatyi
Copy link

Hi,

It seems to me that you are using wrong variable name in the "5.1.4 | PATCH | Ensure permissions on all logfiles are configured | change permissions" check and because of this log file ownership is not configured correctly.

Current code:

      - name: "5.1.4 | PATCH | Ensure permissions on all logfiles are configured | change permissions"
        ansible.builtin.file:
            path: "{{ item }}"
            mode: '0640'
        loop: "{{ discovered_logfiles_flattened }}"
        when:
            - rhel8cis_5_1_4_logfiles_flattened is defined
            - item != "/var/log/btmp"
            - item != "/var/log/utmp"
            - item != "/var/log/wtmp"

Correct code:

      - name: "5.1.4 | PATCH | Ensure permissions on all logfiles are configured | change permissions"
        ansible.builtin.file:
            path: "{{ item }}"
            mode: '0640'
        loop: "{{ discovered_logfiles_flattened }}"
        when:
            - discovered_logfiles_flattened is defined
            - item != "/var/log/btmp"
            - item != "/var/log/utmp"
            - item != "/var/log/wtmp"

Because rhel8cis_5_1_4_logfiles_flattened does not exists anywhere in the codebase, the PATCH never gets applied. I assume it is only some copy/paste error.

@csabapatyi csabapatyi added the bug Something isn't working label Jun 24, 2024
@uk-bolly uk-bolly self-assigned this Jun 24, 2024
uk-bolly added a commit that referenced this issue Jun 24, 2024
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
@uk-bolly uk-bolly mentioned this issue Jun 24, 2024
@uk-bolly
Copy link
Member

hi @csabapatyi

Thank you again for your time regarding this issue. You should find that this fix was merged into devel and is now in the main branch. I will close this issue, please feel free to reopen if this is not resolved as expected.

Many thanks

uk-bolly

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants