summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMajor Hayden <major@mhtx.net>2018-02-06 12:39:10 -0600
committerMajor Hayden <major@mhtx.net>2018-02-06 12:39:14 -0600
commit295ef13395a2edf1922b0d5a31f224fdf4b0b525 (patch)
tree7cf4001e83f14585180f3c954554cbd983ee964e
parent0635fb840aafc914f2ffdfedc4548dc1abb37c7a (diff)
Move aide db when needed
The task that moves the aide database checks to see whether aide was just initialized, but that task has a "changed_when: false" to help with idempotency. That means that the database never gets moved into place. This patch changes the task to check whether the aide initialization was skipped or not. If it wasn't skipped, then the database will be moved. Closes-Bug: 1745675 Change-Id: I2f186274cbff4b38706603a51429557057843e4e
Notes
Notes (review): Code-Review+2: Markos Chandras (hwoarang) <mchandras@suse.de> Code-Review+2: Amy Marrich (spotz) <amy@demarco.com> Workflow+1: Amy Marrich (spotz) <amy@demarco.com> Code-Review+2: Jean-Philippe Evrard <jean-philippe@evrard.me> Code-Review+2: Jesse Pretorius (odyssey4me) <jesse.pretorius@rackspace.co.uk> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 12 Feb 2018 17:00:19 +0000 Reviewed-on: https://review.openstack.org/541398 Project: openstack/ansible-hardening Branch: refs/heads/master
-rw-r--r--tasks/rhel7stig/aide.yml2
1 files changed, 1 insertions, 1 deletions
diff --git a/tasks/rhel7stig/aide.yml b/tasks/rhel7stig/aide.yml
index ba0b9ba..e4c562f 100644
--- a/tasks/rhel7stig/aide.yml
+++ b/tasks/rhel7stig/aide.yml
@@ -115,7 +115,7 @@
115 command: "mv {{ aide_database_out_file }} {{ aide_database_file }}" 115 command: "mv {{ aide_database_out_file }} {{ aide_database_file }}"
116 changed_when: false 116 changed_when: false
117 when: 117 when:
118 - aide_init | changed 118 - not aide_init | skipped
119 - ansible_pkg_mgr in ['yum', 'zypper'] 119 - ansible_pkg_mgr in ['yum', 'zypper']
120 tags: 120 tags:
121 - medium 121 - medium