RedHatOfficial.rhel7-ospp

OSPP - Protection Profile for General Purpose Operating Systems v4.2.1

Ansible Role for OSPP - Protection Profile for General Purpose Operating Systems v4.2.1

Profile Description:
This profile includes important configuration requirements outlined in the NIAP Configuration Annex for General Purpose Operating Systems (Version 4.2.1). It aligns with CNSSI-1253, which mandates certain configuration settings for U.S. National Security Systems. Therefore, this profile is appropriate for use in those systems.

The tasks in this role are created using OpenSCAP. For more details on generating Ansible playbooks, visit OpenSCAP GitHub.

If you want to report a problem or suggest improvements for an Ansible task that is not working or is missing in this role, check the ComplianceAsCode project at ComplianceAsCode GitHub.

Requirements

• Ansible version 2.9 or higher.

Role Variables
To adjust the role to your preferences, refer to the list of variables.

Dependencies
None

Example Role Usage
To download and install the role, run:

ansible-galaxy install RedHatOfficial.rhel7_ospp

Then, use this playbook snippet to run the Ansible role:

- hosts: all
  roles:
     - { role: RedHatOfficial.rhel7_ospp }

Check the playbook on your local machine using this command:

ansible-playbook -i "localhost," -c local --check playbook.yml

To apply it (note that it might change your local machine's settings!):

ansible-playbook -i "localhost," -c local playbook.yml

License
BSD-3-Clause

Author Information
This Ansible role was created based on security policies from the ComplianceAsCode project. For an updated list of authors and contributors, visit here.