We are jazzed to announce the release of: openstack-ansible-security 13.1.2: Security hardening role for openstack-ansible For more details, please see below. 13.1.2 ^^^^^^ Bug Fixes * The dictionary-based variables in "defaults/main.yml" are now individual variables. The dictionary-based variables could not be changed as the documentation instructed. Instead it was required to override the entire dictionary. Deployers must use the new variable names to enable or disable the security configuration changes applied by the security role. For more information, see Launchpad Bug 1577944 (https://bugs.launchpad.net/openstack- ansible/+bug/1577944). * The security role now handles "ssh_config" files that contain "Match" stanzas. A marker is added to the configuration file and any new configuration items will be added below that marker. In addition, the configuration file is validated for each change to the ssh configuration file. Changes in openstack-ansible-security 13.1.1..13.1.2 ---------------------------------------------------- b1db632 Handle Match properly in sshd_config df31e9a Removing equal signs in docs e2b3990 Switch from dict to individual variables f0f5367 Doc updates Diffstat (except docs and test files) ------------------------------------- defaults/main.yml | 103 ++++++++++----------- ...tionary-variables-removed-957c7b7b2108ba1f.yaml | 9 ++ ...iled-access-audit-logging-789dc01c8bcbef17.yaml | 2 +- ...ndling-sshd-match-stanzas-fa40b97689004e46.yaml | 7 ++ tasks/auth.yml | 4 +- tasks/kernel.yml | 14 +-- tasks/services.yml | 26 +++--- tasks/sshd.yml | 74 ++++++++++++++- templates/osas-auditd.j2 | 50 +++++----- 42 files changed, 271 insertions(+), 163 deletions(-)