├── .ansible-lint ├── .config └── .secrets.baseline ├── .gitattributes ├── .github └── workflows │ ├── devel_pipeline_validation.yml │ ├── main_pipeline_validation.yml │ └── update_galaxy.yml ├── .gitignore ├── .pre-commit-config.yaml ├── .yamllint ├── CONTRIBUTING.rst ├── ChangeLog.md ├── LICENSE ├── README.md ├── ansible-lint ├── ansible.cfg ├── collections └── requirements.yml ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── site.yml ├── tasks ├── LE_audit_setup.yml ├── audit_firewalld.yml ├── audit_homedirinifiles.yml ├── audit_iptables.yml ├── audit_only.yml ├── fix-cat1.yml ├── fix-cat2.yml ├── fix-cat3.yml ├── main.yml ├── parse_etc_passwd.yml ├── post_remediation_audit.yml ├── pre_remediation_audit.yml └── prelim.yml ├── templates ├── 01-banner-message.j2 ├── aide.conf.j2 ├── ansible_vars_goss.yml.j2 ├── audit │ └── 99_auditd.rules.j2 ├── etc │ ├── pam.d │ │ ├── password-auth-local.j2 │ │ └── system-auth-local.j2 │ └── yum.repos.d │ │ └── CentOS-Base.repo.j2 ├── etc_default_grub.j2 └── pam_pkcs11.conf.j2 └── vars ├── CentOS.yml ├── OracleLinux.yml ├── RedHat.yml ├── audit.yml └── main.yml /.ansible-lint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.ansible-lint -------------------------------------------------------------------------------- /.config/.secrets.baseline: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.config/.secrets.baseline -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.gitattributes -------------------------------------------------------------------------------- /.github/workflows/devel_pipeline_validation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.github/workflows/devel_pipeline_validation.yml -------------------------------------------------------------------------------- /.github/workflows/main_pipeline_validation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.github/workflows/main_pipeline_validation.yml -------------------------------------------------------------------------------- /.github/workflows/update_galaxy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.github/workflows/update_galaxy.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.gitignore -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.pre-commit-config.yaml -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/.yamllint -------------------------------------------------------------------------------- /CONTRIBUTING.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/CONTRIBUTING.rst -------------------------------------------------------------------------------- /ChangeLog.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/ChangeLog.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/README.md -------------------------------------------------------------------------------- /ansible-lint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/ansible-lint -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/ansible.cfg -------------------------------------------------------------------------------- /collections/requirements.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/collections/requirements.yml -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/defaults/main.yml -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/handlers/main.yml -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/meta/main.yml -------------------------------------------------------------------------------- /site.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/site.yml -------------------------------------------------------------------------------- /tasks/LE_audit_setup.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/LE_audit_setup.yml -------------------------------------------------------------------------------- /tasks/audit_firewalld.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/audit_firewalld.yml -------------------------------------------------------------------------------- /tasks/audit_homedirinifiles.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/audit_homedirinifiles.yml -------------------------------------------------------------------------------- /tasks/audit_iptables.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/audit_iptables.yml -------------------------------------------------------------------------------- /tasks/audit_only.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/audit_only.yml -------------------------------------------------------------------------------- /tasks/fix-cat1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/fix-cat1.yml -------------------------------------------------------------------------------- /tasks/fix-cat2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/fix-cat2.yml -------------------------------------------------------------------------------- /tasks/fix-cat3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/fix-cat3.yml -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/main.yml -------------------------------------------------------------------------------- /tasks/parse_etc_passwd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/parse_etc_passwd.yml -------------------------------------------------------------------------------- /tasks/post_remediation_audit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/post_remediation_audit.yml -------------------------------------------------------------------------------- /tasks/pre_remediation_audit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/pre_remediation_audit.yml -------------------------------------------------------------------------------- /tasks/prelim.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/tasks/prelim.yml -------------------------------------------------------------------------------- /templates/01-banner-message.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/01-banner-message.j2 -------------------------------------------------------------------------------- /templates/aide.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/aide.conf.j2 -------------------------------------------------------------------------------- /templates/ansible_vars_goss.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/ansible_vars_goss.yml.j2 -------------------------------------------------------------------------------- /templates/audit/99_auditd.rules.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/audit/99_auditd.rules.j2 -------------------------------------------------------------------------------- /templates/etc/pam.d/password-auth-local.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/etc/pam.d/password-auth-local.j2 -------------------------------------------------------------------------------- /templates/etc/pam.d/system-auth-local.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/etc/pam.d/system-auth-local.j2 -------------------------------------------------------------------------------- /templates/etc/yum.repos.d/CentOS-Base.repo.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/etc/yum.repos.d/CentOS-Base.repo.j2 -------------------------------------------------------------------------------- /templates/etc_default_grub.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/etc_default_grub.j2 -------------------------------------------------------------------------------- /templates/pam_pkcs11.conf.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/templates/pam_pkcs11.conf.j2 -------------------------------------------------------------------------------- /vars/CentOS.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/vars/CentOS.yml -------------------------------------------------------------------------------- /vars/OracleLinux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/vars/OracleLinux.yml -------------------------------------------------------------------------------- /vars/RedHat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/vars/RedHat.yml -------------------------------------------------------------------------------- /vars/audit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/vars/audit.yml -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ansible-lockdown/RHEL7-STIG/HEAD/vars/main.yml --------------------------------------------------------------------------------