ansible-lockdown / postgres-9-stig Goto Github PK
View Code? Open in Web Editor NEWAnsible Role for the Postgresql 9.x DISA STIG
Home Page: https://ansible-lockdown.readthedocs.io
License: BSD 3-Clause "New" or "Revised" License
Ansible Role for the Postgresql 9.x DISA STIG
Home Page: https://ansible-lockdown.readthedocs.io
License: BSD 3-Clause "New" or "Revised" License
A good place to start would be the template ansible role README.
James/Repo Owners,
Can you provide me access to upload the latest version?
Description: | RELEASE REVIEW # 124339 for Angel,Michael
Approved for Public Release, 10/07/2019 09:05 AM
Michael Angel
[email protected]
configure a basic TLS setup using sscg ( https://github.com/sgallagher/sscg ), which is included with RHEL 8, and in EPEL for RHEL 7.
Would allow us to tackle HIGH item PGS9-00-010200 and other TLS related items in a generic way.
MEDIUM | PGS9-00-011200 | AUDIT | PostgreSQL must protect its audit features from unauthorized removal.
The rule as implemented today only works for the SCLs and the pgdg repos, not the RHEL 8 repos.
MEDIUM | PGS9-00-009200 | PATCH | Unused database components which are integrated in PostgreSQL and cannot be uninstalled must be disabled.
rule is broken without yumdb available
In the RHEL7-STIG role, we've marked certain tasks as potentially disruptive for role user convenience. Do we want to do something similar here, or only target fresh installations? (Or anything else in between?)
For starters:
This will detect PGDATA for the postgresql systemd unit.
(set -euo pipefail ; eval "$(systemctl show -p Environment postgresql | grep -oP '(?<=^Environment=).*' || echo false)" ; echo $PGDATA)
Inspired by how postgresql-setup
script detects the correct location.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.