Produced by Araxis Merge on 5/14/2018 1:18:37 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build\playbooks | gpg_check_enabled.yml | Tue Mar 27 23:51:06 2018 UTC |
| 2 | MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build\playbooks | gpg_check_enabled.yml | Tue May 8 03:18:48 2018 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 124 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | # Ansible Playbook | |
| 2 | # Erik van Oudheusde n PII - 28 Sep 2 017 | |
| 3 | # | |
| 4 | # Ensure R ed Hat GPG Key Insta lled | |
| 5 | ||
| 6 | --- | |
| 7 | - name: En sure Red H at GPG Key Installed | |
| 8 | hosts: r hel7 | |
| 9 | become: yes | |
| 10 | tasks: | |
| 11 | ||
| 12 | - name: Check exis tence of y um | |
| 13 | stat: | |
| 14 | path : /etc/yum .conf | |
| 15 | regist er: yum_co nfig_file | |
| 16 | check_ mode: no | |
| 17 | ||
| 18 | - name: Ensure GPG check is globally a ctivated ( yum) | |
| 19 | ini_fi le: | |
| 20 | dest : "{{item} }" | |
| 21 | sect ion: main | |
| 22 | opti on: gpgche ck | |
| 23 | valu e: 1 | |
| 24 | crea te: False | |
| 25 | with_i tems: "/et c/yum.conf " | |
| 26 | when: ansible_di stribution == "RedHa t" or yum_ config_fil e.stat.exi sts | |
| 27 | tags: | |
| 28 | - en sure_gpgch eck_global ly_activat ed | |
| 29 | - hi gh | |
| 30 | - CC E-26989-4 | |
| 31 | - name: add additi onal gpg c hecks comm ent | |
| 32 | linein file: | |
| 33 | # bac kup: yes | |
| 34 | path : /etc/yum .conf | |
| 35 | line : '#Added by VA Secu rity' | |
| 36 | - name: add additi onal local gpg packa ge checks | |
| 37 | linein file: | |
| 38 | path : /etc/yum .conf | |
| 39 | line : 'localpk g_gpgcheck =1' | |
| 40 | - name: comment on repo gpg checks due to VA rep os not pro perly sigh ed. | |
| 41 | linein file: | |
| 42 | path : /etc/yum .conf | |
| 43 | line : '#The VA baseline security r equires re po_gpgchec k to be 1. Currently the' | |
| 44 | - name: comment on repo gpg checks due to VA rep os not pro perly sigh ed. | |
| 45 | linein file: | |
| 46 | path : /etc/yum .conf | |
| 47 | line : '#Satell ite repos are not si gned, so Y UM breaks when repo_ gpgcheck e quals 1.' | |
| 48 | - name: comment on additiona l repo gpg checks | |
| 49 | linein file: | |
| 50 | path : /etc/yum .conf | |
| 51 | line : '#The re po_gpgchec k should b e set to 1 , but is b roken so i t is left as a 0 for now.' | |
| 52 | - name: add additi onal repo gpg checks | |
| 53 | linein file: | |
| 54 | path : /etc/yum .conf | |
| 55 | line : 'repo_gp gcheck=0' | |
| 56 | - name: disable in stall of i 686 and i3 86 softwar e | |
| 57 | linein file: | |
| 58 | path : /etc/yum .conf | |
| 59 | line : 'exclude =*.i?86' | |
| 60 | - name: add additi onal clean ing | |
| 61 | linein file: | |
| 62 | path : /etc/yum .conf | |
| 63 | line : 'clean_r equirement s_on_remov e=1' |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.