Remove old /etc/profile config block

When the openstack-ansible-security role became ansible-hardening,
a new config block was added to `/etc/profile` without removing
the original one with the openstack-ansible-security markers. This
causes errors on the command prompt since `TMOUT` is defined twice.

This patch removes the old config block using blockinfile.

Closes-Bug: 1736702
Change-Id: I2768182f5dde3368028a1a25af69db6ac7a75d9b
(cherry picked from commit c8a59a1c9a)
This commit is contained in:
Major Hayden 2017-12-15 16:11:13 -06:00
parent 0fdf77a65a
commit 9a9b31f629
No known key found for this signature in database
GPG Key ID: 737051E0C1011FB1
1 changed files with 17 additions and 0 deletions

View File

@ -207,9 +207,26 @@
- misc
- RHEL-07-030810
# NOTE(mhayden): This role changed names and this task ensures that the old
# configuration block is properly removed. Without this task, /etc/profile
# will have two config blocks that set the same variable and this leads to
# errors on the command prompt. See LP bug 1736702.
# TODO(mhayden): Remove this task when the Rocky release is in development.
- name: Remove old config block for RHEL-07-040160 from openstack-ansible-security
blockinfile:
dest: /etc/profile
state: absent
insertbefore: EOF
marker: "# {mark} MANAGED BY OPENSTACK-ANSIBLE-SECURITY"
tags:
- medium
- misc
- RHEL-07-040160
- name: RHEL-07-040160 - Set 10 minute timeout on communication sessions
blockinfile:
dest: /etc/profile
state: present
insertbefore: EOF
marker: "# {mark} MANAGED BY ANSIBLE-HARDENING"
block: |