---
# Tighten down /proc
- name: Hide other user's PIDs for non-root users
  ansible.posix.mount:
    src: proc
    path: /proc
    opts: defaults,hidepid=1,gid=986
    state: present
    fstype: proc
  notify: remount proc
  when: cis_hide_proc