cis-ubuntu-ansible icon indicating copy to clipboard operation
cis-ubuntu-ansible copied to clipboard

Published 20 hours ago verified publisher icon awailly

4.5.10 uses incorrect check

Open memelet opened this issue 7 years ago • 1 comments

The check for appamor status uses:

    when: apparmor_status.failed is defined

But the result object looks like

TASK [cis : debug] ***************************************************************************************************************************************************************************************************************************************
ok: [10.0.17.220] => {
    "apparmor_status": {
        "changed": false,
        "failed": false,
        "name": "apparmor",
        "state": "started"
    }
}

The check should be

    when: apparmor_status.failed is defined and apparmor_status.failed == true

memelet avatar Jun 01 '18 21:06 memelet

Isn't when: apparmor_status.failed enough?

Do you want to submit a pull request?

pchaigno avatar Jun 02 '18 06:06 pchaigno