From 3b95e7fc03310ac127be6a7542eb62c7c9e58777 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bernd=20M=C3=BCller?= Date: Mon, 21 Oct 2019 09:41:20 +0200 Subject: [PATCH] changed disable dccp conf for preventing kernel messages MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit dccp_diag: Unknown symbol dccp_hashinfo (err 0) https://access.redhat.com/solutions/2321691 $ cat /etc/modprobe.d/ansible-hardening-disable-dccp.conf install dccp /bin/true install dccp_diag /bin/true Change-Id: I7441d71c52bdb4f215e1976d15e9282d9cd75139 Signed-off-by: Bernd Müller --- files/ansible-hardening-disable-dccp.conf | 2 ++ tasks/rhel7stig/kernel.yml | 5 ++--- 2 files changed, 4 insertions(+), 3 deletions(-) create mode 100644 files/ansible-hardening-disable-dccp.conf diff --git a/files/ansible-hardening-disable-dccp.conf b/files/ansible-hardening-disable-dccp.conf new file mode 100644 index 00000000..341c5f7e --- /dev/null +++ b/files/ansible-hardening-disable-dccp.conf @@ -0,0 +1,2 @@ +install dccp /bin/true +install dccp_diag /bin/true \ No newline at end of file diff --git a/tasks/rhel7stig/kernel.yml b/tasks/rhel7stig/kernel.yml index 23e0c814..512d4eb8 100644 --- a/tasks/rhel7stig/kernel.yml +++ b/tasks/rhel7stig/kernel.yml @@ -98,10 +98,9 @@ - V-72067 - name: V-77821 - Datagram Congestion Control Protocol (DCCP) kernel module must be disabled - lineinfile: + copy: + src: ansible-hardening-disable-dccp.conf dest: /etc/modprobe.d/ansible-hardening-disable-dccp.conf - line: install dccp /bin/true - create: yes when: - security_rhel7_disable_dccp | bool tags: