1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
# platform = multi_platform_all
# reboot = false
# strategy = disable
# complexity = low
# disruption = low
# Currently, Ansible can only collect systemd facts about service units. Socket units are needed.
- name: "{{{ rule_title }}} - Collect systemd Socket Units Present in the System"
ansible.builtin.command:
cmd: systemctl -q list-unit-files --type socket
register: result_systemd_unit_files
changed_when: false
- name: "{{{ rule_title }}} - Ensure {{{ SOCKETNAME }}}.socket is Masked"
ansible.builtin.systemd:
name: {{{ SOCKETNAME }}}.socket
state: stopped
enabled: false
masked: true
when:
- result_systemd_unit_files.stdout_lines is search("{{{ SOCKETNAME }}}.socket")
|
