yamllint + correction /tmp softdep
softdep is not added anymore if noexec is already defined after rw
This commit is contained in:
parent
88df904282
commit
e019b79723
|
|
@ -5,4 +5,4 @@
|
||||||
- name: remount /tmp
|
- name: remount /tmp
|
||||||
command: mount -u -o noexec /tmp
|
command: mount -u -o noexec /tmp
|
||||||
args:
|
args:
|
||||||
warn: no
|
warn: false
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
- name: Fetch fstab content
|
- name: Fetch fstab content
|
||||||
command: "grep -v '^#' /etc/fstab"
|
command: "grep -v '^#' /etc/fstab"
|
||||||
check_mode: no
|
check_mode: false
|
||||||
register: fstab_content
|
register: fstab_content
|
||||||
failed_when: false
|
failed_when: false
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
@ -14,8 +14,8 @@
|
||||||
regexp: '(\s+/\s+\S+\s+rw)(.*)'
|
regexp: '(\s+/\s+\S+\s+rw)(.*)'
|
||||||
replace: '\1,softdep\2'
|
replace: '\1,softdep\2'
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/\s')
|
- fstab_content.stdout | regex_search('\s/\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/\s+\S+\s+rw,softdep'))
|
- not (fstab_content.stdout | regex_search('\s+/\s+\S+\s+rw,softdep'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
||||||
|
|
@ -25,8 +25,8 @@
|
||||||
regexp: '(\s+/var\s+\S+\s+rw)(.*)'
|
regexp: '(\s+/var\s+\S+\s+rw)(.*)'
|
||||||
replace: '\1,softdep\2'
|
replace: '\1,softdep\2'
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/var\s')
|
- fstab_content.stdout | regex_search('\s/var\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/var\s+\S+\s+rw,softdep'))
|
- not (fstab_content.stdout | regex_search('\s+/var\s+\S+\s+rw,softdep'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
||||||
|
|
@ -36,8 +36,8 @@
|
||||||
regexp: '(\s+/usr\s+\S+\s+rw)(.*)'
|
regexp: '(\s+/usr\s+\S+\s+rw)(.*)'
|
||||||
replace: '\1,softdep\2'
|
replace: '\1,softdep\2'
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/usr\s')
|
- fstab_content.stdout | regex_search('\s/usr\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/usr\s+\S+\s+rw,softdep'))
|
- not (fstab_content.stdout | regex_search('\s+/usr\s+\S+\s+rw,softdep'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
||||||
|
|
@ -47,8 +47,9 @@
|
||||||
regexp: '(\s+/tmp\s+\S+\s+rw(,softdep)*)(.*)'
|
regexp: '(\s+/tmp\s+\S+\s+rw(,softdep)*)(.*)'
|
||||||
replace: '\1,noexec\3'
|
replace: '\1,noexec\3'
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/tmp\s')
|
- fstab_content.stdout | regex_search('\s/tmp\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/tmp\s+\S+\s+rw,(softdep,)*noexec'))
|
- not (fstab_content.stdout
|
||||||
|
| regex_search('\s+/tmp\s+\S+\s+rw,(softdep,)*noexec'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
||||||
|
|
@ -59,8 +60,9 @@
|
||||||
replace: '\1,softdep\2'
|
replace: '\1,softdep\2'
|
||||||
notify: remount /tmp
|
notify: remount /tmp
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/tmp\s')
|
- fstab_content.stdout | regex_search('\s/tmp\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/tmp\s+\S+\s+rw,softdep'))
|
- not (fstab_content.stdout
|
||||||
|
| regex_search('\s+/tmp\s+\S+\s+rw,(noexec,)*softdep'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
||||||
|
|
@ -70,7 +72,7 @@
|
||||||
regexp: '(\s+/home\s+\S+\s+rw)(.*)'
|
regexp: '(\s+/home\s+\S+\s+rw)(.*)'
|
||||||
replace: '\1,softdep\2'
|
replace: '\1,softdep\2'
|
||||||
when:
|
when:
|
||||||
- fstab_content.stdout | regex_search('\s/home\s')
|
- fstab_content.stdout | regex_search('\s/home\s')
|
||||||
- not (fstab_content.stdout | regex_search('\s+/home\s+\S+\s+rw,softdep'))
|
- not (fstab_content.stdout | regex_search('\s+/home\s+\S+\s+rw,softdep'))
|
||||||
tags:
|
tags:
|
||||||
- fstab
|
- fstab
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue