Releases: dev-sec/ansible-collection-hardening
Releases · dev-sec/ansible-collection-hardening
ansible-os-hardening 4.1.0
ansible-os-hardening 4.0.0
4.0.0 (2017-03-14)
Breaking Changes:
Implemented enhancements:
- Description of the Ansible roles of dev-sec says "This Ansible playbook" #97
- install initramfs-tools #114 (rndmh3ro)
- omit empty variables #106 (rndmh3ro)
Fixed bugs:
- The role fails when conditionally included #105
- omit empty variables #106 (rndmh3ro)
- Could not find gem 'ruby (>= 2.1.0)' #116
- The task sysctl fails when /etc/initramfs-tools is not present #111
- Deprecation warning always_run #103
Closed issues:
Merged pull requests:
ansible-os-hardening 3.2.0
3.2.0 (2016-10-24)
Fixed bugs:
- CentOS 7 selinux dependencies #102
- ubuntu xenial warning during activate gpg-check for yum-repos #99
- rhel_system_auth.j2 is still using pam_passwdqc.so for CentOS 7 #98
- Enable pam_pwquality in rhel-family > 7 #73
- "irc" user always changed after reboot #53
Merged pull requests:
ansible-os-hardening 3.1.0
Implemented enhancements:
- Supports --check mode #93 (conorsch)
- Adds support for CentOS 7 #91 (conorsch)
- Docker #90 (rndmh3ro)
- debian 8 support #88 (rndmh3ro)
- Ufw manage defaults #85 (fitz123)
- replace ignore_errors to failed_when to supress ugly error warnings #81 (fitz123)
- fix bare variables usage for loops #79 (fitz123)
Fixed bugs:
- Centos 7.1 fails at [Change various sysctl-settings on rhel-hosts...] #74
- Hardening fails on Centos 7.1 at task 'minimize access' #71
Closed issues:
- Permissions on /etc/shadow can lock out GUI users #86
- network related sysctl rewritten by ufw in ubuntu #82
- ansible >= 2.0 complains: Using bare variables is deprecated #78
- Norm-Audit-Hardening-Audit #76
Merged pull requests:
ansible-os-hardening 3.0.0
Implemented enhancements:
- update platforms in meta-file #69 (rndmh3ro)
- add webhook for ansible galaxy #68 (rndmh3ro)
- Move sysctl vars to defaults #67 (rndmh3ro)
- make sys_uid and sys_gid configurable #62 (rndmh3ro)
- Ansible 2.0 support #59 (rndmh3ro)
- use inspec as test framework #58 (chris-rock)
- Packages as attributes #57 (rndmh3ro)
- Change categories to tags for upcoming ansible 2.0 #56 (rndmh3ro)
- Add SINGLE and PROMPT parameters. #55 (rndmh3ro)
- add changelog generator #54 (chris-rock)
Fixed bugs:
- Updates "tags" parameters on includes in main.yml #66 (conorsch)
- Suid set def var, fix #64 #63 (rndmh3ro)
- ERROR! Include tasks should not specify tags in more than one way #60 (fitz123)
Closed issues:
ansible-os-hardening 2.0.0
ansible-os-hardening 1.0.0
- Implement os-hardening to meet our tests
- Enable GPG-checking on all yum-repository files #5
- Disable system accounts #6
- Module-loading configuration #22
- Travis support #17
- Separate system-vars from editable vars. #34
- Add mode to su-binary task. #39
- Change oneliner if-statements to be more readable #36
- Create limits.d-directory if it does not exist. #33