Skip to content

Commit

Permalink
Updates defaults/main.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
@redhatrises
ComplianceAsCode development team authored and redhatrises committed Aug 13, 2020
1 parent d912d79 commit 795e5fd
Showing 1 changed file with 24 additions and 12 deletions.
36 changes: 24 additions & 12 deletions defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,20 @@
---
# defaults file for rhel7_pci_dss
var_password_pam_dcredit: '-1'
var_password_pam_ucredit: '-1'
var_password_pam_minlen: '7'
var_password_pam_lcredit: '-1'
var_password_pam_unix_remember: '4'
var_accounts_passwords_pam_faillock_deny: '6'
var_accounts_passwords_pam_faillock_unlock_time: '1800'
var_account_disable_post_pw_expiration: '90'
var_accounts_maximum_age_login_defs: '90'
var_auditd_max_log_file: '6'
var_auditd_space_left_action: email
var_auditd_action_mail_acct: root
var_auditd_max_log_file_action: rotate
var_auditd_admin_space_left_action: single
var_auditd_space_left_action: email
var_auditd_max_log_file_action: rotate
var_auditd_num_logs: '5'
var_auditd_max_log_file: '6'
var_accounts_maximum_age_login_defs: '90'
var_account_disable_post_pw_expiration: '90'
var_accounts_passwords_pam_faillock_unlock_time: '1800'
var_password_pam_unix_remember: '4'
var_accounts_passwords_pam_faillock_deny: '6'
var_password_pam_minlen: '7'
var_password_pam_lcredit: '-1'
var_password_pam_ucredit: '-1'
var_password_pam_dcredit: '-1'
inactivity_timeout_value: '900'
sshd_idle_timeout_value: '900'
account_disable_post_pw_expiration: true
Expand All @@ -41,7 +41,19 @@ audit_rules_dac_modification_lremovexattr: true
audit_rules_dac_modification_lsetxattr: true
audit_rules_dac_modification_removexattr: true
audit_rules_dac_modification_setxattr: true
audit_rules_immutable: true
audit_rules_kernel_module_loading: true
audit_rules_mac_modification: true
audit_rules_media_export: true
audit_rules_networkconfig_modification: true
audit_rules_privileged_commands: true
audit_rules_session_events: true
audit_rules_sysadmin_actions: true
audit_rules_time_adjtimex: true
audit_rules_time_clock_settime: true
audit_rules_time_settimeofday: true
audit_rules_time_stime: true
audit_rules_time_watch_localtime: true
auditd_audispd_syslog_plugin_activated: true
auditd_data_retention_action_mail_acct: true
auditd_data_retention_admin_space_left_action: true
Expand Down

0 comments on commit 795e5fd

Please sign in to comment.