Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Several cis_2.2.x.yml sections seem to be removing the wrong packages #390

Closed
txdavec opened this issue Jun 25, 2024 · 2 comments
Closed

Several cis_2.2.x.yml sections seem to be removing the wrong packages #390

txdavec opened this issue Jun 25, 2024 · 2 comments
Assignees
@uk-bolly
Labels
bug Something isn't working

Comments

@txdavec
Copy link

txdavec commented Jun 25, 2024

Greetings,
It seems like there may be a few copy/paste mistakes in this file:

RHEL8-CIS/tasks/section_2/cis_2.2.x.yml

Line 1 in a4d11fa

---

I've added a patch diff file from my local environment to help show the line numbers and my recommended solution.
Thanks for considering these updates.

diff --git a/roles/RHEL8-CIS/tasks/section_2/cis_2.2.x.yml b/roles/RHEL8-CIS/tasks/section_2/cis_2.2.x.yml
index 7d559a1..3860862 100644
--- a/roles/RHEL8-CIS/tasks/section_2/cis_2.2.x.yml
+++ b/roles/RHEL8-CIS/tasks/section_2/cis_2.2.x.yml
@@ -393,7 +393,7 @@
             - not rhel8cis_rpc_server
             - not rhel8cis_rpc_mask
         ansible.builtin.package:
-            name: cups
+            name: rpcbind
             state: absent
 
       - name: "2.2.12 | PATCH | Ensure rpcbind services are not in use | Mask service"
@@ -464,7 +464,7 @@
             - not rhel8cis_net_snmp_server
             - not rhel8cis_net_snmp_mask
         ansible.builtin.package:
-            name: rsync-daemon
+            name: net-snmp
             state: absent
 
       - name: "2.2.14 | PATCH | Ensure snmp services are not in use | Mask service"
@@ -565,7 +565,7 @@
             - not rhel8cis_squid_server
             - not rhel8cis_squid_mask
         ansible.builtin.package:
-            name: tftp-server
+            name: squid
             state: absent
 
       - name: "2.2.17 | PATCH | Ensure web proxy server services are not in use | Mask service"
@@ -653,7 +653,7 @@
             - not rhel8cis_xinetd_server
             - not rhel8cis_xinetd_mask
         ansible.builtin.package:
-            name: tftp-server
+            name: xinetd
             state: absent
 
       - name: "2.2.19 | PATCH | Ensure xinetd services are not in use | Mask service"
@txdavec txdavec added the bug Something isn't working label Jun 25, 2024
@uk-bolly uk-bolly self-assigned this Jun 25, 2024
uk-bolly added a commit that referenced this issue Jun 26, 2024
@uk-bolly
updated inline with #390 thanks to @txdavec
c48a13f 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
@uk-bolly uk-bolly mentioned this issue Jun 26, 2024
Merged
@uk-bolly
Copy link
Member

hi @txdavec

Thank you for raising this issue. I have raised the relevant PR for this work, hoping to get this merged to devel later today.

Many thanks again

uk-bolly

uk-bolly added a commit that referenced this issue Jun 26, 2024
@uk-bolly
Merge pull request #391 from ansible-lockdown/issue_390
bc59fae 
updated inline with #390
@uk-bolly
Copy link
Member

hi @txdavec

Thank you again for your time regarding this issue. You should find that this fix was merged into devel and is now in the main branch. I will close this issue, please feel free to reopen if this is not resolved as expected.

Many thanks

uk-bolly

@uk-bolly uk-bolly mentioned this issue Aug 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@uk-bolly uk-bolly

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@txdavec @uk-bolly