Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[3.3.4] - conditional check fails when ufw service is not installed #134

Open
donarkaz opened this issue Apr 24, 2023 · 0 comments
Open

[3.3.4] - conditional check fails when ufw service is not installed #134

donarkaz opened this issue Apr 24, 2023 · 0 comments
Assignees
@alivx
Labels
Debugging Debugging Cases

Comments

@donarkaz
Copy link

When trying to apply control 3.3.4 in the conditional to check whether 'ufw' is present before restarting the service, the condition will never be able to be assessed as the error is in stderr rather than in stdout. It was constantly failing:

  • name: 3.3.4 Ensure suspicious packets are logged | restart ufw after changes in /etc/ufw/sysctl.conf
    service:
    name: ufw
    state: restarted
    when:
    - UFWEnable
    - "'not found' not in ufw_check.stdout"

... thus the last line above should be replaced with the following line, after which it happily skips the control and completes without issues:
- "'not found' not in ufw_check.stderr"

... and some more proof:

image
@donarkaz donarkaz added the Debugging Debugging Cases label Apr 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alivx alivx

Labels
Debugging Debugging Cases
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@donarkaz @alivx