Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Setting os_security_users_allow has no effect #175

Closed
adaitche opened this issue Jun 16, 2018 · 2 comments
Closed

Setting os_security_users_allow has no effect #175

adaitche opened this issue Jun 16, 2018 · 2 comments
Labels

Comments

@adaitche
Copy link

Setting the variable os_security_users_allow to change_user (or [change_user]) doesn't have any effect. The permissions of /bin/su are always set to 0750.

Here is the code block which uses this variable (from tasks/minimize_access.yml):

- name: change su-binary to only be accessible to user and group root
  file:
    dest: '/bin/su'
    owner: 'root'
    group: 'root'
    mode: '0750'
  when: os_security_users_allow != None

Apparently this task is executed when the variable is set to any value. I think the when-condition should be changed to change_user not in os_security_users_allow. I am happy to submit a pull request, if this is approved.

@adaitche adaitche changed the title Setting os_security_users_allow has no effect Setting os_security_users_allow has no effect Jun 16, 2018
@rndmh3ro
Copy link
Member

I agree, there's something wrong here. I'll have to take a look.

@rndmh3ro
Copy link
Member

Should be fixed in master now. Thanks to @szEvEz

@rndmh3ro rndmh3ro added the bug label Nov 4, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants