ansible-role-hardening icon indicating copy to clipboard operation
ansible-role-hardening copied to clipboard

Published 20 hours ago verified publisher icon konstruktoid

Add conditional handling of ipv6 support on the OS.

Open KoenDG opened this issue 1 year ago • 1 comments

I ran into an issue where a Ubuntu 20.04 system did not have ipv6 support, or it was not enabled.

Either way: it wasn't showing up under /proc.

This leads to an issue where if you add these settings via sysctl, every time after that you use sysctl for something, or run an ansible playbook that does something with sysctl, you get an error. Particularly, that the it cannot stat a location similar to /proc/.../ipv6/...

This PR adds conditional checking if the required directory exists and if it doesn't, omits setting ipv6 settings.

The approach is to put ipv4, ipv6 and other systctl setting in their own dict, and combining those based on ipv6 being available under /proc or not.

KoenDG avatar Aug 07 '22 17:08 KoenDG

Thanks! I'll run some tests and merge if okay.

konstruktoid avatar Aug 07 '22 23:08 konstruktoid

If ready to merge, I'd suggest a squash merge, as the commits have stacked up, and they can be squashed into 1 for the purposes of the merge.

KoenDG avatar Aug 09 '22 12:08 KoenDG

Thanks @KoenDG!

konstruktoid avatar Aug 09 '22 12:08 konstruktoid