From ab9357dd545da0b985ae906727a1836b0df7ce64 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Fri, 21 Apr 2017 14:27:14 -0500 Subject: [PATCH] Skip ClamAV db update in gate This patch disables the ClamAV database update in the gate jobs. The update often fails due to upstream server issues. Change-Id: I39cfcc102bc98895823b4de9df930e6f273aaf15 --- defaults/main.yml | 2 ++ tasks/rhel7stig/misc.yml | 1 + tests/test.yml | 1 + 3 files changed, 4 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 4e91c5eb..d3245586 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -546,6 +546,8 @@ security_rhel7_enable_linux_security_module: yes # V-71989 / V-71991 security_rhel7_disable_autofs: yes # V-71985 # Enable virus scanning with clamav security_enable_virus_scanner: no # V-72213 +# Run the virus scanner update during the deployment (if scanner is deployed) +security_run_virus_scanner_update: yes # Disable ctrl-alt-delete key sequence on the console. security_rhel7_disable_ctrl_alt_delete: yes # V-71993 # Install and enable firewalld for iptables management. diff --git a/tasks/rhel7stig/misc.yml b/tasks/rhel7stig/misc.yml index 68d0ea57..70af3f17 100644 --- a/tasks/rhel7stig/misc.yml +++ b/tasks/rhel7stig/misc.yml @@ -188,6 +188,7 @@ when: - clamav_install_check.stat.exists - security_enable_virus_scanner | bool + - security_run_virus_scanner_update | bool async: 300 poll: 5 tags: diff --git a/tests/test.yml b/tests/test.yml index 1c40dc33..99677a84 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -87,6 +87,7 @@ security_unattended_upgrades_notifications: "{{ (ansible_os_family | lower == 'debian') | ternary(true, false) }}" security_rhel7_automatic_package_updates: "{{ (ansible_os_family | lower == 'debian') | ternary(true, false) }}" security_enable_virus_scanner: yes + security_run_virus_scanner_update: no security_search_for_invalid_owner: yes security_search_for_invalid_group_owner: yes security_enable_firewalld: yes