Defining some threshold for (audit_)space_left vars, as well as a boo…

…l which governs if extra params will be configured Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>
ansible-lockdown · Dec 20, 2023 · ca41b12 · ca41b12
1 parent 88ffe32
commit ca41b12
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -529,6 +529,17 @@ rhel9cis_auditd:
     max_log_file: 10
     max_log_file_action: keep_logs
 
+# This value governs if the below extra-vars for auditd should be used by the role
+rhel9cis_auditd_extra_conf_usage: false
+
+# This can be used to configure other keys in auditd.conf
+# Example:
+# rhel9cis_auditd_extra_conf:
+#     admin_space_left: '10%'
+rhel9cis_auditd_extra_conf:
+    admin_space_left: 50
+    space_left: 75
+
 # The audit_back_log_limit value should never be below 8192
 rhel9cis_audit_back_log_limit: 8192
 

diff --git a/tasks/section_4/cis_4.1.2.x.yml b/tasks/section_4/cis_4.1.2.x.yml
@@ -58,6 +58,7 @@
   notify: Restart auditd
   when:
       - rhel9cis_auditd_extra_conf.keys() | length > 0
+      - rhel9cis_auditd_extra_conf_usage
   tags:
       - level2-server
       - level2-workstation