Changelog
8.8.0 (2023-08-04)
Implemented enhancements:
- Add support for Fedora 38 #671
- auditd: add possibility to override config template #685 [os_hardening] (Meecr0b)
- add debian 12 support #684 [mysql_hardening] [os_hardening] [ssh_hardening] [nginx_hardening] (rndmh3ro)
- feat: explicitly support Fedora 37 and 38 #682 [os_hardening] [ssh_hardening] (nejch)
- Replace ssh_keys group with root, where applicable and use less permissive file mode #677 [ssh_hardening] (rndmh3ro)
- Add oddjob mkhomedir option rhel pam #675 [os_hardening] (imp1sh)
Fixed bugs:
- How does one set
sshd_authenticationmethodsto include password authentication? #686 - Error: No file was found when using first_found on Ubuntu 20.04 #676
- FreeIPA environment mkhomedir fails #664
Closed issues:
- What is the uscase of sysctl_overwrite over ansible.posix.sysctl? #683
Ensure permissions on mysql-logfile are correctchokes whenlog_erroris set tostderr#673- TASK TASK FAILED: [devsec.hardening.os_hardening : Set password ageing for existing regular (non-system, non-root) accounts] #670
- After os_hardening ssh not working #663
- Unsupported parameters for (ansible.builtin.user) module #650
Merged pull requests:
- setting gets ignored #680 [os_hardening] (rndmh3ro)
- add var-naming[no-role-prefix] to skip-list #679 (rndmh3ro)
- expand on check conditions for non-file locations of logs #674 [mysql_hardening] (whysthatso)
- use new molecule-plugins #667 (schurzi)
- add spellchecking with codespell #662 [mysql_hardening] [os_hardening] [ssh_hardening] (schurzi)