Remove old /etc/profile config block
When the openstack-ansible-security role became ansible-hardening, a new config block was added to `/etc/profile` without removing the original one with the openstack-ansible-security markers. This causes errors on the command prompt since `TMOUT` is defined twice. This patch removes the old config block using blockinfile. Closes-Bug: 1736702 Change-Id: I2768182f5dde3368028a1a25af69db6ac7a75d9b
This commit is contained in:
parent
a0810a9ca1
commit
c8a59a1c9a
|
@ -207,9 +207,26 @@
|
||||||
- misc
|
- misc
|
||||||
- V-72213
|
- V-72213
|
||||||
|
|
||||||
|
# NOTE(mhayden): This role changed names and this task ensures that the old
|
||||||
|
# configuration block is properly removed. Without this task, /etc/profile
|
||||||
|
# will have two config blocks that set the same variable and this leads to
|
||||||
|
# errors on the command prompt. See LP bug 1736702.
|
||||||
|
# TODO(mhayden): Remove this task when the Rocky release is in development.
|
||||||
|
- name: Remove old config block for V-72223 from openstack-ansible-security
|
||||||
|
blockinfile:
|
||||||
|
dest: /etc/profile
|
||||||
|
state: absent
|
||||||
|
insertbefore: EOF
|
||||||
|
marker: "# {mark} MANAGED BY OPENSTACK-ANSIBLE-SECURITY"
|
||||||
|
tags:
|
||||||
|
- medium
|
||||||
|
- misc
|
||||||
|
- V-72223
|
||||||
|
|
||||||
- name: V-72223 - Set 10 minute timeout on communication sessions
|
- name: V-72223 - Set 10 minute timeout on communication sessions
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/profile
|
dest: /etc/profile
|
||||||
|
state: present
|
||||||
insertbefore: EOF
|
insertbefore: EOF
|
||||||
marker: "# {mark} MANAGED BY ANSIBLE-HARDENING"
|
marker: "# {mark} MANAGED BY ANSIBLE-HARDENING"
|
||||||
block: |
|
block: |
|
||||||
|
|
Loading…
Reference in New Issue