Create new variable for lynis executable.

2021-01-31 13:40:06 -06:00 · 2021-01-31 13:40:06 -06:00 · 4cd52e5405
commit 4cd52e5405
parent 9313d1a7ed
2 changed files with 4 additions and 1 deletions
--- a/facts/filesystem_names.yml
+++ b/facts/filesystem_names.yml
@ -5,6 +5,7 @@
  ansible.builtin.set_fact:
    lynis_install_dir: /usr/local/lynis
    lynis_report: /home/ling/lynis.log
+    lynis_exec: /usr/local/lynis/lynis
    sudoers_install_dir: /etc/sudoers.d/ansible
  when: ansible_distribution == "Pop!_OS"

@ -14,6 +15,7 @@
  ansible.builtin.set_fact:
    lynis_install_dir: /usr/local/lynis
    lynis_report: /root/lynis.log
+    lynis_exec: /usr/local/lynis/lynis
    sudoers_install_dir: /etc/sudoers.d/ansible
  when: ansible_distribution == "Ubuntu"

@ -23,5 +25,6 @@
  ansible.builtin.set_fact:
    lynis_install_dir: /usr/local/lynis
    lynis_report: /root/lynis.log
+    lynis_exec: /usr/local/lynis/lynis
    sudoers_install_dir: /usr/local/etc/sudoers.d/ansible
  when: ansible_distribution == "FreeBSD"
--- a/tasks/hardness_check_lynis.yml
+++ b/tasks/hardness_check_lynis.yml
@ -6,7 +6,7 @@
    force: yes

 - name: Run Lynis Audit System
-  shell: "{{ lynis_install_dir }}"/lynis --no-colors audit system > "{{ lynis_report }}" 2>&1
+  shell: "{{ lynis_exec }}" --no-colors audit system > "{{ lynis_report }}" 2>&1

 - name: Make Lynis Report Readable
  shell: chmod 444 "{{ lynis_report }}"