ansible-hardening/doc/metadata/rhel7/V-72197.rst

---id: V-72197 status: implemented tag: auditd ---

The tasks add a rule to auditd that logs each time that an account is modified. This includes changes to the following files:

• /etc/group
• /etc/passwd
• /etc/gshadow
• /etc/shadow
• /etc/security/opasswd

Deployers can opt-out of this change by setting an Ansible variable:

security_rhel7_audit_account_actions: no