You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the Issue
5.6.1.1 - Ensure password expiration is 365 days or less
5.6.1.2 - Ensure minimum days between password changes is configured
5.6.1.3 - Ensure password expiration warning days is 7 or more
CIS rules are advising users not only to add the proper values in /etc/login.defs(which is currently implemented via this role), but also to modify user params via chage tool.
Expected Behavior
Complete implementation of rules.
Actual Behavior
Partial implementation of rules.
Control(s) Affected
5.6.1.1, 5.6.1.2, 5.6.1.3
Environment (please complete the following information):
branch being used: [e.g. devel]
Ansible Version: [e.g. 2.13]
Additional Details:
Additional Notes
PR will take advantage of current ansible.builtin.user options:
Describe the Issue
5.6.1.1 - Ensure password expiration is 365 days or less
5.6.1.2 - Ensure minimum days between password changes is configured
5.6.1.3 - Ensure password expiration warning days is 7 or more
CIS rules are advising users not only to add the proper values in
/etc/login.defs
(which is currently implemented via this role), but also to modify user params viachage
tool.Expected Behavior
Complete implementation of rules.
Actual Behavior
Partial implementation of rules.
Control(s) Affected
5.6.1.1, 5.6.1.2, 5.6.1.3
Environment (please complete the following information):
Additional Notes
PR will take advantage of current
ansible.builtin.user
options:password_expire_max
password_expire_min
password_expire_warn
), I used the:since the
password_expire_warn
was added in ansible-core 2.16Possible Solution
PR
The text was updated successfully, but these errors were encountered: