We are stoked to announce the release of: ansible-hardening 15.1.10: OpenStack-Ansible: Host security hardening This release is part of the ocata release series. Download the package from: https://tarballs.openstack.org/ansible-hardening/ For more details, please see below. 15.1.10 ^^^^^^^ Bug Fixes * The sysctl configuration task was not skipping configurations where "enabled" was set to "no". Instead, it was removing configurations when "enabled: no" was set. There is now a fix in place that ensures any sysctl configuration with "enabled: no" will be skipped and the configuration will be left unaltered on the system. Changes in ansible-hardening 15.1.9..15.1.10 -------------------------------------------- 6e82b64 Cast security_shadow_utils_fail_delay as int d0ec2e8 Configure pam_faildelay on Ubuntu 46ff2e5 Updated from OpenStack Ansible Tests 10672ae Skip sysctl configs when enabled: no Diffstat (except docs and test files) ------------------------------------- .gitignore | 9 +-- Vagrantfile | 62 ++++++--------- bindep.txt | 37 ++++++--- ...skip-sysctl-when-disabled-b32eca48df5b1437.yaml | 10 +++ tasks/rhel7stig/auth.yml | 18 +++++ tasks/rhel7stig/kernel.yml | 2 + vars/main.yml | 10 ++- 8 files changed, 132 insertions(+), 103 deletions(-)