1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# platform = multi_platform_all
# reboot = false
# strategy = disable
# complexity = low
# disruption = low
{{%- if init_system == "systemd" %}}
- name: "{{{ rule_title }}} - Collect systemd Services Present in the System"
ansible.builtin.command: systemctl -q list-unit-files --type service
register: service_exists
changed_when: false
failed_when: service_exists.rc not in [0, 1]
check_mode: false
- name: "{{{ rule_title }}} - Ensure {{{ DAEMONNAME }}}.service is Masked"
ansible.builtin.systemd:
name: "{{{ DAEMONNAME }}}.service"
state: "stopped"
enabled: false
masked: true
when: 'service_exists.stdout_lines is search("{{{ SERVICENAME }}}.service", multiline=True)'
- name: "Unit Socket Exists - {{{ DAEMONNAME }}}.socket"
ansible.builtin.command: systemctl -q list-unit-files {{{ DAEMONNAME }}}.socket
register: socket_file_exists
changed_when: false
failed_when: socket_file_exists.rc not in [0, 1]
check_mode: false
- name: "{{{ rule_title }}} - Disable Socket {{{ SERVICENAME }}}"
ansible.builtin.systemd:
name: "{{{ DAEMONNAME }}}.socket"
enabled: false
state: "stopped"
masked: true
when: 'socket_file_exists.stdout_lines is search("{{{ DAEMONNAME }}}.socket", multiline=True)'
{{%- else %}}
JINJA TEMPLATE ERROR: Unknown init system '{{{ init_system }}}'
{{%- endif %}}
|
