Update section_5_Access_Authentication_and_Authorization.yaml

jpiron · Oct 13, 2023 · 82548db · 82548db
1 parent 8f80a66
commit 82548db
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/tasks/section_5_Access_Authentication_and_Authorization.yaml b/tasks/section_5_Access_Authentication_and_Authorization.yaml
@@ -666,20 +666,23 @@
       lineinfile:
         dest: /etc/pam.d/common-auth
         line: "auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900"
+        state: present
         create: true
 
     - name: 5.3.2 Ensure lockout for failed password attempts is configured - pam_deny.so
       lineinfile:
         dest: /etc/pam.d/common-account
         regexp: '^account\srequisite'
         line: "account requisite pam_deny.so"
+        state: present
         create: true
 
     - name: 5.3.2 Ensure lockout for failed password attempts is configured - pam_tally2.so
       lineinfile:
         dest: /etc/pam.d/common-account
         regexp: '^account\srequired'
         line: "account required pam_tally2.so"
+        state: present
         create: true
 
   tags: