Browse Source

Fix bare jinja variable pam_password_file

The pam_password_variable didn't have jinja tags around it and it
wasn't being handled correctly. This patch fixes the bug and makes
the task name easier to read.

Closes-Bug: 1693343
Change-Id: Ie469c32a71c3c0e1b381739290ffb608bb04a21c
Major Hayden 2 years ago
parent
commit
d7600f1a12
No account linked to committer's email address
1 changed files with 2 additions and 2 deletions
  1. 2
    2
      tasks/rhel7stig/auth.yml

+ 2
- 2
tasks/rhel7stig/auth.yml View File

@@ -65,9 +65,9 @@
65 65
     - high
66 66
     - V-71937
67 67
 
68
-- name: V-71945 - If three unsuccessful logon attempts within 15 minutes occur the associated account must be locked.
68
+- name: Lock accounts after three failed login attempts a 15 minute period
69 69
   blockinfile:
70
-    dest: pam_password_file
70
+    dest: "{{ pam_password_file }}"
71 71
     state: present
72 72
     marker: "# {mark} MANAGED BY OPENSTACK-ANSIBLE-SECURITY"
73 73
     insertbefore: EOF

Loading…
Cancel
Save