Fix issues from new CentOS 7 release

The auditd daemon now resets file permissions on its log directory each time it restarts and that breaks the idempotence tests. That task now has "changed_when: False". These patches should unblock the security role gate. [0] https://bugzilla.redhat.com/show_bug.cgi?id=1293713 Change-Id: I80b66a6d9e7c8ad97761a1f890ec6a3d2db88659 Partial-Bug: #1662622
2016-12-12 12:17:05 -06:00 · 2016-12-12 12:17:05 -06:00 · 83e3c206e8
parent 4387e666d9
commit 83e3c206e8
1 changed files with 4 additions and 0 deletions
--- a/tasks/file_perms.yml
+++ b/tasks/file_perms.yml
@ -67,11 +67,15 @@
    - cat2
    - V-38461

+# NOTE(mhayden): The log directory permissions change each time auditd is
+# restarted. This causes the idempotent checks to fail and that's why there is
+# a 'changed_when: False' on this task.
 - name: V-38493 - Audit log directories must have mode 0755 or less
  file:
    dest: /var/log/audit/
    state: directory
    mode: 0750
+  changed_when: False
  tags:
    - file_perms
    - cat2