mirror of
https://github.com/nikdoof/ansible-cis.git
synced 2025-12-13 09:32:15 +00:00
27 lines
511 B
YAML
27 lines
511 B
YAML
---
|
|
- name: Enable crond
|
|
ansible.builtin.service:
|
|
name: crond
|
|
state: started
|
|
enabled: true
|
|
- name: Set cron file security
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: root
|
|
group: root
|
|
mode: "0600"
|
|
loop:
|
|
- /etc/crontab
|
|
- name: Set cron.* directory security
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: root
|
|
group: root
|
|
mode: "0700"
|
|
loop:
|
|
- /etc/cron.hourly
|
|
- /etc/cron.daily
|
|
- /etc/cron.weekly
|
|
- /etc/cron.monthly
|
|
- /etc/cron.d
|