Updated defaults/main.yml

2026-02-10 09:22:06 +02:00 · 2024-02-07 20:48:37 -05:00
parent 4753dc81b5
commit 3a707be38e
1 changed files with 4 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -21,8 +21,10 @@ var_account_disable_post_pw_expiration: '30'
 var_accounts_maximum_age_login_defs: '365'
 var_accounts_minimum_age_login_defs: '1'
 var_accounts_password_warn_age_login_defs: '7'
+var_pam_wheel_group_for_su: sugroup
 var_accounts_tmout: '900'
 var_accounts_user_umask: '027'
+var_accounts_passwords_pam_faillock_dir: /var/run/faillock
 var_auditd_action_mail_acct: root
 var_auditd_admin_space_left_action: halt
 var_auditd_max_log_file: '6'
@@ -170,6 +172,7 @@ disable_strategy: true
 enable_authselect: true
 enable_strategy: true
 ensure_gpgcheck_globally_activated: true
+ensure_pam_wheel_group_empty: true
 file_at_deny_not_exist: true
 file_cron_deny_not_exist: true
 file_groupowner_at_allow: true
@@ -395,4 +398,5 @@ sysctl_net_ipv6_conf_default_accept_redirects: true
 sysctl_net_ipv6_conf_default_accept_source_route: true
 unknown_severity: true
 unknown_strategy: true
+use_pam_wheel_group_for_su: true
 wireless_disable_interfaces: true