0eef112699
This patch refactors the login.defs adjustments into a single task that loops over a variable. It also adds tasks for RHEL-07-010200, RHEL-07-010420, and RHEL-07-020230. Documentation is included. Implements: blueprint security-rhel7-stig Change-Id: I7c1f869d87338547da8943d5aa506ceb871cee68
372 B
372 B
---id: RHEL-07-020230 status: implemented tag: auth ---
The umask for authenticated users is set to 077 by the
tasks in the security role. This is the default for Ubuntu, CentOS, and
Red Hat Enterprise Linux already.
Deployers can choose a different umask value by setting the following Ansible variable:
security_shadow_utils_umask: 077