Merge "Splits STIG yum add/removes"

2019-11-21 11:53:49 +00:00 · 2019-11-21 11:53:49 +00:00 · 87415a319b
parent ab430cfbff 8db1a33cbf
commit 87415a319b
1 changed files with 23 additions and 2 deletions
--- a/tasks/rhel7stig/packages.yml
+++ b/tasks/rhel7stig/packages.yml
@ -13,12 +13,33 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

- name: Add or remove packages based on STIG requirements
+- name: Add packages based on STIG requirements
  package:
    name: "{{ stig_packages_rhel7 | selectattr('enabled') | selectattr('state', 'equalto', item) | sum(attribute='packages', start=[]) }}"
    state: "{{ item }}"
  with_items:
-    - "{{ stig_packages_rhel7 | selectattr('enabled') | map(attribute='state') | unique | list }}"
+    - "{{ stig_packages_rhel7 | selectattr('enabled') | selectattr('state', 'equalto', 'present') | map(attribute='state') | unique | list }}"
+  tags:
+    - cat1
+    - auth
+    - packages
+    - services
+    - V-71897
+    - V-71967
+    - V-71969
+    - V-72067
+    - V-72077
+    - V-72213
+    - V-72233
+    - V-72301
+    - V-72307
+
+- name: Remove packages based on STIG requirements
+  package:
+    name: "{{ stig_packages_rhel7 | selectattr('enabled') | selectattr('state', 'equalto', item) | sum(attribute='packages', start=[]) }}"
+    state: "{{ item }}"
+  with_items:
+    - "{{ stig_packages_rhel7 | selectattr('enabled') | selectattr('state', 'equalto', 'absent') | map(attribute='state') | unique | list }}"
  tags:
    - cat1
    - auth