Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Typo in resolv.conf configuration #14

Closed
waweber opened this issue May 12, 2021 · 3 comments
Closed

Typo in resolv.conf configuration #14

waweber opened this issue May 12, 2021 · 3 comments
Assignees
@uk-bolly
Labels
bug Something isn't working

Comments

@waweber
Copy link

waweber commented May 12, 2021

Check out fix-cat2.yml on line 1412 in v2.0.1:

      - name: "MEDIUM | RHEL-08-010680 | PATCH | For RHEL 8 systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured. | Set resolv.conf if dns is set in nsswitch.conf"
        lineinfile:
            dest: /etc/resolv.conf
            regexp: '^nameserver'
            line: namserver "{{ item }}"
            insertafter: '^search'
        with_items:
            - "{{ rhel8stig_dns_servers }}"
        when:
            - rhel_08_010680_networkmanager_check != '# Generated by NetworkManager'
            - rhel_08_010680_nameserver_count.stdout|int < 2

This outputs namserver "8.8.4.4" etc., which has both nameserver misspelled and also the address cannot be in quotes, I assume line: "nameserver {{item }}" is the correct line. Incidentally, the README.md lists the default servers as 9.9.9.9 and 149.112.112.112 when they are actually the google 8.8.8.8 and 8.8.4.4. Also, the ansible loop statement in the lineinfile module results in the DNS servers being inserted in reverse order (the secondary server ends up first)

Ansible 2.10.9
uk-bolly added a commit that referenced this issue May 13, 2021
@uk-bolly
Fixed #14 nameserver typo
6733903
@uk-bolly uk-bolly self-assigned this May 13, 2021
@uk-bolly uk-bolly added the bug Something isn't working label May 13, 2021
@uk-bolly
Copy link
Member

@waweber

Thank you for raising this issue, hoping to get a fix out as soon as possible.

Many thanks

uk-bolly

@uk-bolly
Copy link
Member

hi @waweber

I have pushed up a new branch for this issue, before i raise the PR, it would be great to get some feedback on this.

I am hoping that this has resolved the issues you have seen and extended functionality for that control RHEL-08-010680 .
This contains a number of changes related to the issue you raised
including:

  • logic for the lineinfile - should now be in order
  • correction of typos - no more quotes
  • update of DNS servers in README (this will updated completely soon)
  • ability to now use a template for resolv.conf if selected and added checks for this. (more variables added)

If you could test this and let me know.

Many thanks

uk-bolly

@uk-bolly uk-bolly mentioned this issue May 18, 2021
Merged
georgenalen added a commit that referenced this issue May 18, 2021
@georgenalen
Merge pull request #22 from ansible-lockdown/issue_#14_typo_resolv
a20d998 
Issue #14 typo resolv
Signed-off-by: George Nalen <[email protected]>
@uk-bolly uk-bolly mentioned this issue May 19, 2021
Merged
@waweber
Copy link
Author

waweber commented May 21, 2021

@uk-bolly it appears to work properly now. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@uk-bolly uk-bolly

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@waweber @uk-bolly