diff --git a/.github/workflows/mysql_hardening.yml b/.github/workflows/mysql_hardening.yml index 31f783df4..85bddcc98 100644 --- a/.github/workflows/mysql_hardening.yml +++ b/.github/workflows/mysql_hardening.yml @@ -47,7 +47,7 @@ jobs: submodules: true - name: Set up Python 3.7 - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: 3.7 diff --git a/.github/workflows/nginx_hardening.yml b/.github/workflows/nginx_hardening.yml index ecaa59c0a..a17cf1cdd 100644 --- a/.github/workflows/nginx_hardening.yml +++ b/.github/workflows/nginx_hardening.yml @@ -46,7 +46,7 @@ jobs: submodules: true - name: Set up Python 3.7 - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: 3.7 diff --git a/.github/workflows/os_hardening.yml b/.github/workflows/os_hardening.yml index f4545cb4a..cf8aa6ef0 100644 --- a/.github/workflows/os_hardening.yml +++ b/.github/workflows/os_hardening.yml @@ -45,7 +45,7 @@ jobs: submodules: true - name: Set up Python 3.7 - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: 3.7 diff --git a/.github/workflows/ssh_hardening.yml b/.github/workflows/ssh_hardening.yml index 2e5e6b81e..9f618fa74 100644 --- a/.github/workflows/ssh_hardening.yml +++ b/.github/workflows/ssh_hardening.yml @@ -46,7 +46,7 @@ jobs: submodules: true - name: Set up Python 3.7 - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: 3.7 diff --git a/.github/workflows/ssh_hardening_custom_tests.yml b/.github/workflows/ssh_hardening_custom_tests.yml index 45a3e3a52..3b1a4ebcb 100644 --- a/.github/workflows/ssh_hardening_custom_tests.yml +++ b/.github/workflows/ssh_hardening_custom_tests.yml @@ -46,7 +46,7 @@ jobs: submodules: true - name: Set up Python 3.7 - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: python-version: 3.7 diff --git a/CHANGELOG.md b/CHANGELOG.md index 0091c25f2..6977b0728 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +## [9.0.0](https://github.com/dev-sec/ansible-collection-hardening/tree/9.0.0) (2022-12-24) + +[Full Changelog](https://github.com/dev-sec/ansible-collection-hardening/compare/8.4.0...9.0.0) + +**Merged pull requests:** + +- Bump actions/setup-python from 1 to 4 [\#611](https://github.com/dev-sec/ansible-collection-hardening/pull/611) [[mysql_hardening](https://github.com/dev-sec/ansible-collection-hardening/labels/mysql_hardening)] [[os_hardening](https://github.com/dev-sec/ansible-collection-hardening/labels/os_hardening)] [[ssh_hardening](https://github.com/dev-sec/ansible-collection-hardening/labels/ssh_hardening)] [[nginx_hardening](https://github.com/dev-sec/ansible-collection-hardening/labels/nginx_hardening)] ([dependabot[bot]](https://github.com/apps/dependabot)) +- Bump creyD/prettier\_action from 3.1 to 4.2 [\#610](https://github.com/dev-sec/ansible-collection-hardening/pull/610) ([dependabot[bot]](https://github.com/apps/dependabot)) + ## [8.4.0](https://github.com/dev-sec/ansible-collection-hardening/tree/8.4.0) (2022-12-17) [Full Changelog](https://github.com/dev-sec/ansible-collection-hardening/compare/8.3.0...8.4.0) diff --git a/roles/os_hardening/tasks/hardening.yml b/roles/os_hardening/tasks/hardening.yml index ec77a7f29..99a804e13 100644 --- a/roles/os_hardening/tasks/hardening.yml +++ b/roles/os_hardening/tasks/hardening.yml @@ -115,5 +115,4 @@ import_tasks: selinux.yml tags: selinux when: - - ansible_facts.selinux.status == 'enabled' - os_selinux_enabled | bool diff --git a/roles/os_hardening/tasks/selinux.yml b/roles/os_hardening/tasks/selinux.yml index b1539d048..05af16d10 100644 --- a/roles/os_hardening/tasks/selinux.yml +++ b/roles/os_hardening/tasks/selinux.yml @@ -1,5 +1,20 @@ --- +- name: Install python310-rpm | openSUSE + zypper: + name: python310-rpm + state: present + update_cache: true + when: ansible_facts.os_family == 'Suse' + +- name: Gather the package facts + package_facts: + manager: auto + - name: Configure selinux | selinux-01 selinux: policy: "{{ os_selinux_policy }}" state: "{{ os_selinux_state }}" + when: + - "'libselinux' in ansible_facts.packages" + - "'libselinux-python' in ansible_facts.packages" + - "'policycoreutils-python' in ansible_facts.packages"