anku33/RHEL9-CIS-Audit
1
0
Fork 0
mirror of https://github.com/ansible-lockdown/RHEL9-CIS-Audit.git synced 2026-06-01 18:40:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update cis311 with sysctl and kernel check typo fix

Browse Source 
Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>
This commit is contained in:
Frederick Witty
2025-12-24 14:09:46 -05:00
parent 8ce0aefb55
commit 06fd71af99
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
section_3/cis_3.1/cis_3.1.1.yml
+3 -3
View File
@@ -51,7 +51,7 @@ command:
NIST800-53R5:
- CM-7
{{ end }}
{{ if eq .Vars.rhel9cis_ipv6_disable_method: "sysctl" }}
{{ if eq .Vars.rhel9cis_ipv6_disable_method "sysctl" }}
ipv6_disabled_sysctl:
title: 3.1.1 | Ensure IPv6 status is identified
exec: sysctl -w net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1
@@ -70,8 +70,8 @@ command:
CISv8_IG3: true
NIST800-53R5:
- CM-7
{{ end }}
{{ if eq .Vars.rhel9cis_ipv6_disable_method: "kernel" }}
{{ end }}
{{ if eq .Vars.rhel9cis_ipv6_disable_method "kernel" }}
ipv6_disabled_kernel:
title: 3.1.1 | Ensure IPv6 status is identified
exec: grubby --info=ALL | grep 'ipv6.disable'