418 B
418 B
---id: V-72197 status: implemented tag: auditd ---
The tasks add a rule to auditd that logs each time that an account is modified. This includes changes to the following files:
/etc/group
/etc/passwd
/etc/gshadow
/etc/shadow
/etc/security/opasswd
Deployers can opt-out of this change by setting an Ansible variable:
security_rhel7_audit_account_actions: no