Created
March 8, 2018 17:18
-
-
Save abtreece/156ac0aedfa2f4cccdaea0bc4a69ef50 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2018-03-08 10:56:35,246 p=13520 u=abtreece | PLAY [default] ***************************************************************** | |
2018-03-08 10:56:35,256 p=13520 u=abtreece | TASK [Gathering Facts] ********************************************************* | |
2018-03-08 10:56:37,066 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:56:37,073 p=13520 u=abtreece | TASK [Generate sshd host keys] ************************************************* | |
2018-03-08 10:56:37,094 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:56:37,103 p=13520 u=abtreece | TASK [include_vars] ************************************************************ | |
2018-03-08 10:56:37,174 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:56:37,181 p=13520 u=abtreece | TASK [Include Packer role-specific variables.] ********************************* | |
2018-03-08 10:56:37,220 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:56:37,227 p=13520 u=abtreece | TASK [Manage additional role packages] ***************************************** | |
2018-03-08 10:56:39,275 p=13520 u=abtreece | changed: [default] => (item={u'state': u'absent', u'name': u'ntp'}) | |
2018-03-08 10:56:42,520 p=13520 u=abtreece | changed: [default] => (item={u'name': u'sysstat'}) | |
2018-03-08 10:56:42,531 p=13520 u=abtreece | TASK [include_role] ************************************************************ | |
2018-03-08 10:56:42,611 p=13520 u=abtreece | TASK [user-management : include_tasks] ***************************************** | |
2018-03-08 10:56:42,638 p=13520 u=abtreece | included: /Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/user-management/tasks/groups.yml for default | |
2018-03-08 10:56:42,647 p=13520 u=abtreece | TASK [user-management : account | Creating groups] ***************************** | |
2018-03-08 10:56:43,937 p=13520 u=abtreece | changed: [default] => (item={u'gid': 10000, u'name': u'sudoers'}) | |
2018-03-08 10:56:44,929 p=13520 u=abtreece | changed: [default] => (item={u'gid': 10001, u'name': u'deploy'}) | |
2018-03-08 10:56:44,941 p=13520 u=abtreece | TASK [user-management : account | Per-user group creation] ********************* | |
2018-03-08 10:56:45,972 p=13520 u=abtreece | changed: [default] => (item={u'username': u'abtreece', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCox7FZedG0bnpywQhmBCjv+04aNSpZxcC4NhdO4LcoFzI0KfXtx3GVoWJn8SBF9HQoISjFvPyfa0Ob+9ylGar44pgagxRvk38d8yriGEi5+8CrPioa34+QWobyHKVw4HwQg1hD7vjiPPaRTIITlIPzwepPtWaVjXWg0CIo+mRnmYkFo4LzUM44PkUy/yCPZmuZU8ELQ0OEjAp35vxY+/9fZkJrWu5MJzGwd/MZDtwjL3sZycmLwCcEfnu9y04bqEArJzpkhHd71qW8zdDFtfO0q9LE1XA6jUD5s/Os+zg0E90khQez+2iV7icuLYouujjMgpOW7VTS4oRVQCmVxJLuXEpt4upIuXE/v3d9HR91fmiYCyAVXHPv4BfeLOdhCkQXA00uIPaOD8ZJU8c9GsCv/+eCV35yiM7fENtkUTxtRUQY1Dd42RyzNr6EI3nK3xupceu/1w9gKPWXV8Ar18MNJ4PSE+x6OfvUJWF5DsbFXNhNNqbGThvSltkJdtLSbvh2AQP1EIvvaGQYTrqn9qKTlxjVroZRT/cBZdOaZuwNOzvoqUOIvBjd7v14ucEWel6xARYVqBQzLVeq0fDK7oy0aZDAra7YlIOqJbIvuQsQtAeX815S6bG8ubh2nyyIkz0m5uIKL7edg73uM8lfYK9I9ilWjK0GHq0xNtExK2B3Ow== abtreece@quasar'], u'name': u'Britt Treece', u'groups': [u'sudoers'], u'uid': 5000}) | |
2018-03-08 10:56:46,976 p=13520 u=abtreece | changed: [default] => (item={u'username': u'woneill', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCngqMKE+XYxmv4/pZhecjqLKrLmWiUGvIIGpRpAxJsc9VPYW1I2T4yN7kk5sE4wEcOfSwOSjlulzr2wxL8lsRIV5gv/7prFSbVeAgna6PBwNITU3iVr58M+2JfX3oR68T8a3MdUjuo7jpXuTu3CnLgpteNm/8uN86DKrk8ZxG3cRjAplXogeEmMzhT9jNSpMqhn0T8dRGAznZ8b2Pqq56z5RH2xUgoBzdTGgvUmPKmJ49gfv4KO4hMVy1MTqx1VooaegJVbFCbph4N6asK/09qX4rBxP0fnMwwRlOcq3n/VE9GJK6LHd4UIJzhOS+B1Uvlou/UGzSF87JQdH4uBOV1QBBOxxZuTX1Y//fc5QEMFpYgYGIwkFLmcAep0wSpOKsJvKj32cKmddaCWg3SEk1UiPec7D7s4ZQhhl5JaiP+8MYbXfug71lIBZ0L+iJ0Y4q55UeOXSo2IC1vVTDQKbJTZRLjnZU7wdP92VGZzTifRK/IgAvMYeSpEGhYmtruO+Pl3Y8hj3JiV5wyEFLIJLpdYzg6VhjoThr3t5oBdlBA30hmA+5uLVPb49/i0zvIL0mnEkyZyBBBje3SNoAovbyYxTKyvoujWyZ0Yh0GRP+ak3pvMBh8d3WwuD3taIKDFWE70MzjNs9YUK9fr2ola/tikDfUR0Nkg2AprTrdXa4oew== cardno:000605762903'], u'name': u"Bill O'Neill", u'groups': [u'sudoers'], u'uid': 5001}) | |
2018-03-08 10:56:47,949 p=13520 u=abtreece | changed: [default] => (item={u'username': u'micha3lbrown', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPp4c8A5cpSCwyL1sxBQAoVktUG+iDkJH244IHeZl5QchDIoWvp4RM3WAVumsg3DmUizq8t/sQKffszZxbxoiBv763luUgu31C2a7dkJOXR7W+OpJRQt1ykyeEkQ3HfQrTPxC7rlKaRcjBmTCrmUH1vWwI0gjl48qd/aODwSzTeM2UOWK1KwH2ovdre3t6PcB96MBzwnxIhs2MPoCbD3QiehSEFU8r5JgK64P2RF8PAIuGfDVlP4/8B6K9tsxtXnJurqFVDjAGDGTT9CjOgKE90z5jAmTipR3aWQlGun+f6eOrGgmQKtfiDJdvTX8u1lUPG61TTXXFFvtzQDgxboYTZqls+Mq6n+OCFX1Ve8SCQbW/VMfRWqvjfjCivmS4ka/4W6Zm+gZhkihKYxFgNYMzuOiU0K4RJ8Brp/E33pXaIRWPO/OYbUndfey9P8MiHC637pEZ8Z3P0Rv2nH7qlQHcIFsN7iHE32+YhDNTCiADwQfjOq2Tfc+6vJ+VtyLscux6NSm9UjoYc6CHZoIPan/TWznYaGnpTu06XyCvxAcy1Dyr2DTLWsI95lLEFmV5UwGQ80qM9UZ5s3MC0jHN3jo8SghhlAw1Wq2vRTHqZ5uzne8Wygn1TyTikZWusN9Ukkx8AxUaF2r26WszBcLSsmjC1L27LxD+Q6S4wEHknPSDRw=='], u'name': u'Michael Brown', u'groups': [u'sudoers'], u'uid': 5002}) | |
2018-03-08 10:56:47,961 p=13520 u=abtreece | TASK [user-management : include_tasks] ***************************************** | |
2018-03-08 10:56:48,004 p=13520 u=abtreece | included: /Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/user-management/tasks/users.yml for default | |
2018-03-08 10:56:48,014 p=13520 u=abtreece | TASK [user-management : account | Create users] ******************************** | |
2018-03-08 10:56:49,295 p=13520 u=abtreece | changed: [default] => (item={u'username': u'abtreece', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCox7FZedG0bnpywQhmBCjv+04aNSpZxcC4NhdO4LcoFzI0KfXtx3GVoWJn8SBF9HQoISjFvPyfa0Ob+9ylGar44pgagxRvk38d8yriGEi5+8CrPioa34+QWobyHKVw4HwQg1hD7vjiPPaRTIITlIPzwepPtWaVjXWg0CIo+mRnmYkFo4LzUM44PkUy/yCPZmuZU8ELQ0OEjAp35vxY+/9fZkJrWu5MJzGwd/MZDtwjL3sZycmLwCcEfnu9y04bqEArJzpkhHd71qW8zdDFtfO0q9LE1XA6jUD5s/Os+zg0E90khQez+2iV7icuLYouujjMgpOW7VTS4oRVQCmVxJLuXEpt4upIuXE/v3d9HR91fmiYCyAVXHPv4BfeLOdhCkQXA00uIPaOD8ZJU8c9GsCv/+eCV35yiM7fENtkUTxtRUQY1Dd42RyzNr6EI3nK3xupceu/1w9gKPWXV8Ar18MNJ4PSE+x6OfvUJWF5DsbFXNhNNqbGThvSltkJdtLSbvh2AQP1EIvvaGQYTrqn9qKTlxjVroZRT/cBZdOaZuwNOzvoqUOIvBjd7v14ucEWel6xARYVqBQzLVeq0fDK7oy0aZDAra7YlIOqJbIvuQsQtAeX815S6bG8ubh2nyyIkz0m5uIKL7edg73uM8lfYK9I9ilWjK0GHq0xNtExK2B3Ow== abtreece@quasar'], u'name': u'Britt Treece', u'groups': [u'sudoers'], u'uid': 5000}) | |
2018-03-08 10:56:50,328 p=13520 u=abtreece | changed: [default] => (item={u'username': u'woneill', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCngqMKE+XYxmv4/pZhecjqLKrLmWiUGvIIGpRpAxJsc9VPYW1I2T4yN7kk5sE4wEcOfSwOSjlulzr2wxL8lsRIV5gv/7prFSbVeAgna6PBwNITU3iVr58M+2JfX3oR68T8a3MdUjuo7jpXuTu3CnLgpteNm/8uN86DKrk8ZxG3cRjAplXogeEmMzhT9jNSpMqhn0T8dRGAznZ8b2Pqq56z5RH2xUgoBzdTGgvUmPKmJ49gfv4KO4hMVy1MTqx1VooaegJVbFCbph4N6asK/09qX4rBxP0fnMwwRlOcq3n/VE9GJK6LHd4UIJzhOS+B1Uvlou/UGzSF87JQdH4uBOV1QBBOxxZuTX1Y//fc5QEMFpYgYGIwkFLmcAep0wSpOKsJvKj32cKmddaCWg3SEk1UiPec7D7s4ZQhhl5JaiP+8MYbXfug71lIBZ0L+iJ0Y4q55UeOXSo2IC1vVTDQKbJTZRLjnZU7wdP92VGZzTifRK/IgAvMYeSpEGhYmtruO+Pl3Y8hj3JiV5wyEFLIJLpdYzg6VhjoThr3t5oBdlBA30hmA+5uLVPb49/i0zvIL0mnEkyZyBBBje3SNoAovbyYxTKyvoujWyZ0Yh0GRP+ak3pvMBh8d3WwuD3taIKDFWE70MzjNs9YUK9fr2ola/tikDfUR0Nkg2AprTrdXa4oew== cardno:000605762903'], u'name': u"Bill O'Neill", u'groups': [u'sudoers'], u'uid': 5001}) | |
2018-03-08 10:56:51,326 p=13520 u=abtreece | changed: [default] => (item={u'username': u'micha3lbrown', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPp4c8A5cpSCwyL1sxBQAoVktUG+iDkJH244IHeZl5QchDIoWvp4RM3WAVumsg3DmUizq8t/sQKffszZxbxoiBv763luUgu31C2a7dkJOXR7W+OpJRQt1ykyeEkQ3HfQrTPxC7rlKaRcjBmTCrmUH1vWwI0gjl48qd/aODwSzTeM2UOWK1KwH2ovdre3t6PcB96MBzwnxIhs2MPoCbD3QiehSEFU8r5JgK64P2RF8PAIuGfDVlP4/8B6K9tsxtXnJurqFVDjAGDGTT9CjOgKE90z5jAmTipR3aWQlGun+f6eOrGgmQKtfiDJdvTX8u1lUPG61TTXXFFvtzQDgxboYTZqls+Mq6n+OCFX1Ve8SCQbW/VMfRWqvjfjCivmS4ka/4W6Zm+gZhkihKYxFgNYMzuOiU0K4RJ8Brp/E33pXaIRWPO/OYbUndfey9P8MiHC637pEZ8Z3P0Rv2nH7qlQHcIFsN7iHE32+YhDNTCiADwQfjOq2Tfc+6vJ+VtyLscux6NSm9UjoYc6CHZoIPan/TWznYaGnpTu06XyCvxAcy1Dyr2DTLWsI95lLEFmV5UwGQ80qM9UZ5s3MC0jHN3jo8SghhlAw1Wq2vRTHqZ5uzne8Wygn1TyTikZWusN9Ukkx8AxUaF2r26WszBcLSsmjC1L27LxD+Q6S4wEHknPSDRw=='], u'name': u'Michael Brown', u'groups': [u'sudoers'], u'uid': 5002}) | |
2018-03-08 10:56:51,338 p=13520 u=abtreece | TASK [user-management : account | Add SSH keys] ******************************** | |
2018-03-08 10:56:52,531 p=13520 u=abtreece | changed: [default] => (item=({u'username': u'abtreece', u'name': u'Britt Treece', u'groups': [u'sudoers'], u'uid': 5000}, u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCox7FZedG0bnpywQhmBCjv+04aNSpZxcC4NhdO4LcoFzI0KfXtx3GVoWJn8SBF9HQoISjFvPyfa0Ob+9ylGar44pgagxRvk38d8yriGEi5+8CrPioa34+QWobyHKVw4HwQg1hD7vjiPPaRTIITlIPzwepPtWaVjXWg0CIo+mRnmYkFo4LzUM44PkUy/yCPZmuZU8ELQ0OEjAp35vxY+/9fZkJrWu5MJzGwd/MZDtwjL3sZycmLwCcEfnu9y04bqEArJzpkhHd71qW8zdDFtfO0q9LE1XA6jUD5s/Os+zg0E90khQez+2iV7icuLYouujjMgpOW7VTS4oRVQCmVxJLuXEpt4upIuXE/v3d9HR91fmiYCyAVXHPv4BfeLOdhCkQXA00uIPaOD8ZJU8c9GsCv/+eCV35yiM7fENtkUTxtRUQY1Dd42RyzNr6EI3nK3xupceu/1w9gKPWXV8Ar18MNJ4PSE+x6OfvUJWF5DsbFXNhNNqbGThvSltkJdtLSbvh2AQP1EIvvaGQYTrqn9qKTlxjVroZRT/cBZdOaZuwNOzvoqUOIvBjd7v14ucEWel6xARYVqBQzLVeq0fDK7oy0aZDAra7YlIOqJbIvuQsQtAeX815S6bG8ubh2nyyIkz0m5uIKL7edg73uM8lfYK9I9ilWjK0GHq0xNtExK2B3Ow== abtreece@quasar')) | |
2018-03-08 10:56:53,538 p=13520 u=abtreece | changed: [default] => (item=({u'username': u'woneill', u'name': u"Bill O'Neill", u'groups': [u'sudoers'], u'uid': 5001}, u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCngqMKE+XYxmv4/pZhecjqLKrLmWiUGvIIGpRpAxJsc9VPYW1I2T4yN7kk5sE4wEcOfSwOSjlulzr2wxL8lsRIV5gv/7prFSbVeAgna6PBwNITU3iVr58M+2JfX3oR68T8a3MdUjuo7jpXuTu3CnLgpteNm/8uN86DKrk8ZxG3cRjAplXogeEmMzhT9jNSpMqhn0T8dRGAznZ8b2Pqq56z5RH2xUgoBzdTGgvUmPKmJ49gfv4KO4hMVy1MTqx1VooaegJVbFCbph4N6asK/09qX4rBxP0fnMwwRlOcq3n/VE9GJK6LHd4UIJzhOS+B1Uvlou/UGzSF87JQdH4uBOV1QBBOxxZuTX1Y//fc5QEMFpYgYGIwkFLmcAep0wSpOKsJvKj32cKmddaCWg3SEk1UiPec7D7s4ZQhhl5JaiP+8MYbXfug71lIBZ0L+iJ0Y4q55UeOXSo2IC1vVTDQKbJTZRLjnZU7wdP92VGZzTifRK/IgAvMYeSpEGhYmtruO+Pl3Y8hj3JiV5wyEFLIJLpdYzg6VhjoThr3t5oBdlBA30hmA+5uLVPb49/i0zvIL0mnEkyZyBBBje3SNoAovbyYxTKyvoujWyZ0Yh0GRP+ak3pvMBh8d3WwuD3taIKDFWE70MzjNs9YUK9fr2ola/tikDfUR0Nkg2AprTrdXa4oew== cardno:000605762903')) | |
2018-03-08 10:56:54,545 p=13520 u=abtreece | changed: [default] => (item=({u'username': u'micha3lbrown', u'name': u'Michael Brown', u'groups': [u'sudoers'], u'uid': 5002}, u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPp4c8A5cpSCwyL1sxBQAoVktUG+iDkJH244IHeZl5QchDIoWvp4RM3WAVumsg3DmUizq8t/sQKffszZxbxoiBv763luUgu31C2a7dkJOXR7W+OpJRQt1ykyeEkQ3HfQrTPxC7rlKaRcjBmTCrmUH1vWwI0gjl48qd/aODwSzTeM2UOWK1KwH2ovdre3t6PcB96MBzwnxIhs2MPoCbD3QiehSEFU8r5JgK64P2RF8PAIuGfDVlP4/8B6K9tsxtXnJurqFVDjAGDGTT9CjOgKE90z5jAmTipR3aWQlGun+f6eOrGgmQKtfiDJdvTX8u1lUPG61TTXXFFvtzQDgxboYTZqls+Mq6n+OCFX1Ve8SCQbW/VMfRWqvjfjCivmS4ka/4W6Zm+gZhkihKYxFgNYMzuOiU0K4RJ8Brp/E33pXaIRWPO/OYbUndfey9P8MiHC637pEZ8Z3P0Rv2nH7qlQHcIFsN7iHE32+YhDNTCiADwQfjOq2Tfc+6vJ+VtyLscux6NSm9UjoYc6CHZoIPan/TWznYaGnpTu06XyCvxAcy1Dyr2DTLWsI95lLEFmV5UwGQ80qM9UZ5s3MC0jHN3jo8SghhlAw1Wq2vRTHqZ5uzne8Wygn1TyTikZWusN9Ukkx8AxUaF2r26WszBcLSsmjC1L27LxD+Q6S4wEHknPSDRw==')) | |
2018-03-08 10:56:54,558 p=13520 u=abtreece | TASK [user-management : account | Setup user profiles] ************************* | |
2018-03-08 10:56:54,591 p=13520 u=abtreece | skipping: [default] => (item={u'username': u'abtreece', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCox7FZedG0bnpywQhmBCjv+04aNSpZxcC4NhdO4LcoFzI0KfXtx3GVoWJn8SBF9HQoISjFvPyfa0Ob+9ylGar44pgagxRvk38d8yriGEi5+8CrPioa34+QWobyHKVw4HwQg1hD7vjiPPaRTIITlIPzwepPtWaVjXWg0CIo+mRnmYkFo4LzUM44PkUy/yCPZmuZU8ELQ0OEjAp35vxY+/9fZkJrWu5MJzGwd/MZDtwjL3sZycmLwCcEfnu9y04bqEArJzpkhHd71qW8zdDFtfO0q9LE1XA6jUD5s/Os+zg0E90khQez+2iV7icuLYouujjMgpOW7VTS4oRVQCmVxJLuXEpt4upIuXE/v3d9HR91fmiYCyAVXHPv4BfeLOdhCkQXA00uIPaOD8ZJU8c9GsCv/+eCV35yiM7fENtkUTxtRUQY1Dd42RyzNr6EI3nK3xupceu/1w9gKPWXV8Ar18MNJ4PSE+x6OfvUJWF5DsbFXNhNNqbGThvSltkJdtLSbvh2AQP1EIvvaGQYTrqn9qKTlxjVroZRT/cBZdOaZuwNOzvoqUOIvBjd7v14ucEWel6xARYVqBQzLVeq0fDK7oy0aZDAra7YlIOqJbIvuQsQtAeX815S6bG8ubh2nyyIkz0m5uIKL7edg73uM8lfYK9I9ilWjK0GHq0xNtExK2B3Ow== abtreece@quasar'], u'name': u'Britt Treece', u'groups': [u'sudoers'], u'uid': 5000}) | |
2018-03-08 10:56:54,598 p=13520 u=abtreece | skipping: [default] => (item={u'username': u'woneill', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCngqMKE+XYxmv4/pZhecjqLKrLmWiUGvIIGpRpAxJsc9VPYW1I2T4yN7kk5sE4wEcOfSwOSjlulzr2wxL8lsRIV5gv/7prFSbVeAgna6PBwNITU3iVr58M+2JfX3oR68T8a3MdUjuo7jpXuTu3CnLgpteNm/8uN86DKrk8ZxG3cRjAplXogeEmMzhT9jNSpMqhn0T8dRGAznZ8b2Pqq56z5RH2xUgoBzdTGgvUmPKmJ49gfv4KO4hMVy1MTqx1VooaegJVbFCbph4N6asK/09qX4rBxP0fnMwwRlOcq3n/VE9GJK6LHd4UIJzhOS+B1Uvlou/UGzSF87JQdH4uBOV1QBBOxxZuTX1Y//fc5QEMFpYgYGIwkFLmcAep0wSpOKsJvKj32cKmddaCWg3SEk1UiPec7D7s4ZQhhl5JaiP+8MYbXfug71lIBZ0L+iJ0Y4q55UeOXSo2IC1vVTDQKbJTZRLjnZU7wdP92VGZzTifRK/IgAvMYeSpEGhYmtruO+Pl3Y8hj3JiV5wyEFLIJLpdYzg6VhjoThr3t5oBdlBA30hmA+5uLVPb49/i0zvIL0mnEkyZyBBBje3SNoAovbyYxTKyvoujWyZ0Yh0GRP+ak3pvMBh8d3WwuD3taIKDFWE70MzjNs9YUK9fr2ola/tikDfUR0Nkg2AprTrdXa4oew== cardno:000605762903'], u'name': u"Bill O'Neill", u'groups': [u'sudoers'], u'uid': 5001}) | |
2018-03-08 10:56:54,602 p=13520 u=abtreece | skipping: [default] => (item={u'username': u'micha3lbrown', u'ssh_key': [u'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPp4c8A5cpSCwyL1sxBQAoVktUG+iDkJH244IHeZl5QchDIoWvp4RM3WAVumsg3DmUizq8t/sQKffszZxbxoiBv763luUgu31C2a7dkJOXR7W+OpJRQt1ykyeEkQ3HfQrTPxC7rlKaRcjBmTCrmUH1vWwI0gjl48qd/aODwSzTeM2UOWK1KwH2ovdre3t6PcB96MBzwnxIhs2MPoCbD3QiehSEFU8r5JgK64P2RF8PAIuGfDVlP4/8B6K9tsxtXnJurqFVDjAGDGTT9CjOgKE90z5jAmTipR3aWQlGun+f6eOrGgmQKtfiDJdvTX8u1lUPG61TTXXFFvtzQDgxboYTZqls+Mq6n+OCFX1Ve8SCQbW/VMfRWqvjfjCivmS4ka/4W6Zm+gZhkihKYxFgNYMzuOiU0K4RJ8Brp/E33pXaIRWPO/OYbUndfey9P8MiHC637pEZ8Z3P0Rv2nH7qlQHcIFsN7iHE32+YhDNTCiADwQfjOq2Tfc+6vJ+VtyLscux6NSm9UjoYc6CHZoIPan/TWznYaGnpTu06XyCvxAcy1Dyr2DTLWsI95lLEFmV5UwGQ80qM9UZ5s3MC0jHN3jo8SghhlAw1Wq2vRTHqZ5uzne8Wygn1TyTikZWusN9Ukkx8AxUaF2r26WszBcLSsmjC1L27LxD+Q6S4wEHknPSDRw=='], u'name': u'Michael Brown', u'groups': [u'sudoers'], u'uid': 5002}) | |
2018-03-08 10:56:54,613 p=13520 u=abtreece | TASK [user-management : account | Deleted user removal] ************************ | |
2018-03-08 10:56:54,639 p=13520 u=abtreece | TASK [user-management : account | Deleted per-user group removal] ************** | |
2018-03-08 10:56:54,665 p=13520 u=abtreece | TASK [user-management : include_tasks] ***************************************** | |
2018-03-08 10:56:54,699 p=13520 u=abtreece | included: /Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/user-management/tasks/sudo.yml for default | |
2018-03-08 10:56:54,712 p=13520 u=abtreece | TASK [user-management : sudo | Install sudo (yum)] ***************************** | |
2018-03-08 10:56:55,838 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:56:55,847 p=13520 u=abtreece | TASK [user-management : sudo | Creating sudoers group] ************************* | |
2018-03-08 10:56:56,818 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:56:56,829 p=13520 u=abtreece | TASK [user-management : sudo | Creating sudoers files] ************************* | |
2018-03-08 10:56:59,172 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:56:59,182 p=13520 u=abtreece | TASK [user-management : sudo | Creating sudoers.d directory] ******************* | |
2018-03-08 10:57:00,277 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:00,286 p=13520 u=abtreece | TASK [user-management : sudo | Create sudoers.d files] ************************* | |
2018-03-08 10:57:00,315 p=13520 u=abtreece | TASK [include_role] ************************************************************ | |
2018-03-08 10:57:00,406 p=13520 u=abtreece | [DEPRECATION WARNING]: The use of 'include' for tasks has been deprecated. Use | |
'import_tasks' for static inclusions or 'include_tasks' for dynamic inclusions. | |
This feature will be removed in a future release. Deprecation warnings can be | |
disabled by setting deprecation_warnings=False in ansible.cfg. | |
2018-03-08 10:57:00,407 p=13520 u=abtreece | [DEPRECATION WARNING]: include is kept for backwards compatibility but usage is | |
discouraged. The module documentation details page may explain more about this | |
rationale.. This feature will be removed in a future release. Deprecation | |
warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. | |
2018-03-08 10:57:00,435 p=13520 u=abtreece | TASK [influxdata.chrony : include os-specific vars] **************************** | |
2018-03-08 10:57:00,480 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:00,487 p=13520 u=abtreece | TASK [influxdata.chrony : Install Chrony] ************************************** | |
2018-03-08 10:57:03,359 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:03,369 p=13520 u=abtreece | TASK [influxdata.chrony : Configure Chrony] ************************************ | |
2018-03-08 10:57:05,698 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:05,706 p=13520 u=abtreece | TASK [influxdata.chrony : Manage the chrony service] *************************** | |
2018-03-08 10:57:06,976 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:06,986 p=13520 u=abtreece | TASK [include_role] ************************************************************ | |
2018-03-08 10:57:07,185 p=13520 u=abtreece | TASK [Datadog.datadog : Install apt-transport-https] *************************** | |
2018-03-08 10:57:07,204 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,212 p=13520 u=abtreece | TASK [Datadog.datadog : Install ubuntu apt-key server] ************************* | |
2018-03-08 10:57:07,232 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,241 p=13520 u=abtreece | TASK [Datadog.datadog : Install Datadog apt-key] ******************************* | |
2018-03-08 10:57:07,262 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,271 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure Datadog repository is up-to-date] *************** | |
2018-03-08 10:57:07,293 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,303 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure Datadog repository is up-to-date (agent5)] ****** | |
2018-03-08 10:57:07,324 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,332 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure pinned version of Datadog agent is installed] *** | |
2018-03-08 10:57:07,354 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,363 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure Datadog agent is installed] ********************* | |
2018-03-08 10:57:07,385 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:07,393 p=13520 u=abtreece | TASK [Datadog.datadog : Download new RPM key] ********************************** | |
2018-03-08 10:57:08,780 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:08,790 p=13520 u=abtreece | TASK [Datadog.datadog : Import new RPM key] ************************************ | |
2018-03-08 10:57:10,159 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:10,170 p=13520 u=abtreece | TASK [Datadog.datadog : Install DataDog yum repo] ****************************** | |
2018-03-08 10:57:11,342 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:11,353 p=13520 u=abtreece | TASK [Datadog.datadog : Install DataDog yum repo (agent5)] ********************* | |
2018-03-08 10:57:12,334 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:12,344 p=13520 u=abtreece | TASK [Datadog.datadog : Install pinned datadog-agent package] ****************** | |
2018-03-08 10:57:12,373 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:12,382 p=13520 u=abtreece | TASK [Datadog.datadog : Install latest datadog-agent package] ****************** | |
2018-03-08 10:57:23,070 p=13520 u=abtreece | [WARNING]: Consider using yum module rather than running yum | |
2018-03-08 10:57:23,070 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:23,078 p=13520 u=abtreece | TASK [Datadog.datadog : Create main Datadog agent configuration file] ********** | |
2018-03-08 10:57:23,101 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:23,110 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure datadog-agent is running] *********************** | |
2018-03-08 10:57:23,131 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:23,141 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure datadog-agent is not running] ******************* | |
2018-03-08 10:57:23,160 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:23,169 p=13520 u=abtreece | TASK [Datadog.datadog : Create a configuration file for each Datadog check] **** | |
2018-03-08 10:57:23,197 p=13520 u=abtreece | skipping: [default] => (item=process) | |
2018-03-08 10:57:23,205 p=13520 u=abtreece | TASK [Datadog.datadog : Create /etc/datadog-agent] ***************************** | |
2018-03-08 10:57:24,315 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:24,325 p=13520 u=abtreece | TASK [Datadog.datadog : Create main Datadog agant yaml configuration file (beta)] *** | |
2018-03-08 10:57:26,442 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:26,450 p=13520 u=abtreece | TASK [Datadog.datadog : Create a configuration file for each Datadog check] **** | |
2018-03-08 10:57:28,516 p=13520 u=abtreece | changed: [default] => (item=process) | |
2018-03-08 10:57:28,530 p=13520 u=abtreece | TASK [Datadog.datadog : Create trace agent configuration file] ***************** | |
2018-03-08 10:57:30,598 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:30,606 p=13520 u=abtreece | TASK [Datadog.datadog : Create process agent configuration file] *************** | |
2018-03-08 10:57:32,681 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:32,689 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure datadog-agent is running] *********************** | |
2018-03-08 10:57:33,736 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:33,746 p=13520 u=abtreece | TASK [Datadog.datadog : Ensure datadog-agent is not running] ******************* | |
2018-03-08 10:57:33,775 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:33,784 p=13520 u=abtreece | TASK [Add login banner] ******************************************************** | |
2018-03-08 10:57:35,996 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:36,005 p=13520 u=abtreece | TASK [Display banner after ssh pubkey auth] ************************************ | |
2018-03-08 10:57:36,975 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:36,985 p=13520 u=abtreece | TASK [include_role] ************************************************************ | |
2018-03-08 10:57:37,415 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Set OS family dependent variables] **************** | |
2018-03-08 10:57:37,464 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:37,472 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Set OS dependent variables] *********************** | |
2018-03-08 10:57:37,534 p=13520 u=abtreece | ok: [default] => (item=/Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/dev-sec.os-hardening/vars/Amazon.yml) | |
2018-03-08 10:57:37,543 p=13520 u=abtreece | TASK [dev-sec.os-hardening : create limits.d-directory if it does not exist | sysctl-31a, sysctl-31b] *** | |
2018-03-08 10:57:38,537 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:38,547 p=13520 u=abtreece | TASK [dev-sec.os-hardening : create aditional limits config file -> 10.hardcore.conf | sysctl-31a, sysctl-31b] *** | |
2018-03-08 10:57:39,658 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:39,669 p=13520 u=abtreece | TASK [dev-sec.os-hardening : set 10.hardcore.conf perms to 0400 and root ownership] *** | |
2018-03-08 10:57:40,645 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:40,655 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove 10.hardcore.conf config file] ************** | |
2018-03-08 10:57:40,677 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:40,687 p=13520 u=abtreece | TASK [dev-sec.os-hardening : create login.defs | os-05, os-05b] **************** | |
2018-03-08 10:57:42,771 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:42,781 p=13520 u=abtreece | TASK [dev-sec.os-hardening : include_tasks] ************************************ | |
2018-03-08 10:57:42,879 p=13520 u=abtreece | included: /Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/dev-sec.os-hardening/tasks/minimize_access.yml for default | |
2018-03-08 10:57:42,921 p=13520 u=abtreece | TASK [dev-sec.os-hardening : find directories for minimizing access] *********** | |
2018-03-08 10:57:43,906 p=13520 u=abtreece | ok: [default] => (item=/usr/local/sbin) | |
2018-03-08 10:57:44,842 p=13520 u=abtreece | ok: [default] => (item=/usr/local/bin) | |
2018-03-08 10:57:45,791 p=13520 u=abtreece | ok: [default] => (item=/usr/sbin) | |
2018-03-08 10:57:46,745 p=13520 u=abtreece | ok: [default] => (item=/usr/bin) | |
2018-03-08 10:57:47,791 p=13520 u=abtreece | ok: [default] => (item=/sbin) | |
2018-03-08 10:57:48,771 p=13520 u=abtreece | ok: [default] => (item=/bin) | |
2018-03-08 10:57:48,788 p=13520 u=abtreece | TASK [dev-sec.os-hardening : minimize access] ********************************** | |
2018-03-08 10:57:49,814 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'e', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1325842804.0, u'block_size': 4096, u'inode': 49, u'isgid': False, u'size': 4096, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360585', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'writeable': True, u'isdir': True, u'blocks': 8, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/usr/local/sbin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1516041752.496956, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0755', u'islnk': False, u'attributes': [u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/usr/local/sbin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/usr/local/sbin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:50,770 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'e', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1325842804.0, u'block_size': 4096, u'inode': 42, u'isgid': False, u'size': 4096, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360578', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': True, u'writeable': True, u'isdir': True, u'blocks': 8, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/usr/local/bin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1516041752.496956, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0755', u'islnk': False, u'attributes': [u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/usr/local/bin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/usr/local/bin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:51,816 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'Ie', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1520528223.122582, u'block_size': 4096, u'inode': 74, u'isgid': False, u'size': 12288, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360610', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': False, u'writeable': True, u'isdir': True, u'blocks': 24, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/usr/sbin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1520528223.122582, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0555', u'islnk': False, u'attributes': [u'indexed', u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/usr/sbin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/usr/sbin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:52,828 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'Ie', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1520528242.8232572, u'block_size': 4096, u'inode': 24, u'isgid': False, u'size': 20480, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360560', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': False, u'writeable': True, u'isdir': True, u'blocks': 40, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/usr/bin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1520528242.8232572, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0555', u'islnk': False, u'attributes': [u'indexed', u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/usr/bin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/usr/bin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:53,804 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'Ie', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1516041785.505069, u'block_size': 4096, u'inode': 262161, u'isgid': False, u'size': 12288, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360557', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': False, u'writeable': True, u'isdir': True, u'blocks': 24, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/sbin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1516041785.505069, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0555', u'islnk': False, u'attributes': [u'indexed', u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/sbin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/sbin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:54,764 p=13520 u=abtreece | ok: [default] => (item={'_ansible_parsed': True, u'stat': {u'isuid': False, u'uid': 0, u'exists': True, u'attr_flags': u'e', u'woth': False, u'isreg': False, u'device_type': 0, u'mtime': 1516041787.4290757, u'block_size': 4096, u'inode': 262155, u'isgid': False, u'size': 4096, u'executable': True, u'roth': True, u'charset': u'binary', u'readable': True, u'version': u'18446744073219360532', u'pw_name': u'root', u'gid': 0, u'ischr': False, u'wusr': False, u'writeable': True, u'isdir': True, u'blocks': 8, u'xoth': True, u'rusr': True, u'nlink': 2, u'issock': False, u'rgrp': True, u'gr_name': u'root', u'path': u'/bin', u'xusr': True, u'atime': 1325842804.0, u'mimetype': u'inode/directory', u'ctime': 1516041787.4290757, u'isblk': False, u'xgrp': True, u'dev': 51713, u'wgrp': False, u'isfifo': False, u'mode': u'0555', u'islnk': False, u'attributes': [u'extents']}, u'changed': False, '_ansible_no_log': False, 'item': u'/bin', '_ansible_item_result': True, 'failed': False, u'invocation': {u'module_args': {u'checksum_algorithm': u'sha1', u'get_checksum': True, u'follow': False, u'path': u'/bin', u'get_md5': True, u'get_mime': True, u'get_attributes': True}}, '_ansible_ignore_errors': None}) | |
2018-03-08 10:57:54,784 p=13520 u=abtreece | TASK [dev-sec.os-hardening : change shadow ownership to root and mode to 0600 | os-02] *** | |
2018-03-08 10:57:55,840 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:55,851 p=13520 u=abtreece | TASK [dev-sec.os-hardening : change passwd ownership to root and mode to 0644 | os-03] *** | |
2018-03-08 10:57:56,924 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:57:56,935 p=13520 u=abtreece | TASK [dev-sec.os-hardening : change su-binary to only be accessible to user and group root] *** | |
2018-03-08 10:57:57,928 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:57,937 p=13520 u=abtreece | TASK [dev-sec.os-hardening : update pam on Debian systems] ********************* | |
2018-03-08 10:57:57,962 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:57,971 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove pam ccreds on Debian systems] ************** | |
2018-03-08 10:57:57,997 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:58,005 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove pam ccreds on Redhat systems] ************** | |
2018-03-08 10:57:59,524 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:57:59,535 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove pam_cracklib, because it does not play nice with passwdqc] *** | |
2018-03-08 10:57:59,563 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,573 p=13520 u=abtreece | TASK [dev-sec.os-hardening : install the package for strong password checking] *** | |
2018-03-08 10:57:59,599 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,608 p=13520 u=abtreece | TASK [dev-sec.os-hardening : configure passwdqc] ******************************* | |
2018-03-08 10:57:59,631 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,640 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove passwdqc] ********************************** | |
2018-03-08 10:57:59,665 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,673 p=13520 u=abtreece | TASK [dev-sec.os-hardening : install tally2] *********************************** | |
2018-03-08 10:57:59,697 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,706 p=13520 u=abtreece | TASK [dev-sec.os-hardening : configure tally2] ********************************* | |
2018-03-08 10:57:59,730 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,738 p=13520 u=abtreece | TASK [dev-sec.os-hardening : delete tally2 when retries is 0] ****************** | |
2018-03-08 10:57:59,761 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:57:59,770 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove pam_cracklib, because it does not play nice with passwdqc] *** | |
2018-03-08 10:58:01,008 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:58:01,020 p=13520 u=abtreece | TASK [dev-sec.os-hardening : install the package for strong password checking] *** | |
2018-03-08 10:58:02,177 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:58:02,188 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove passwdqc] ********************************** | |
2018-03-08 10:58:02,216 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:02,226 p=13520 u=abtreece | TASK [dev-sec.os-hardening : configure passwdqc and tally via central system-auth confic] *** | |
2018-03-08 10:58:04,410 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:04,421 p=13520 u=abtreece | TASK [dev-sec.os-hardening : NSA 2.3.3.5 Upgrade Password Hashing Algorithm to SHA-512] *** | |
2018-03-08 10:58:06,603 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:06,615 p=13520 u=abtreece | TASK [dev-sec.os-hardening : install modprobe to disable filesystems | os-10] *** | |
2018-03-08 10:58:08,047 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:58:08,058 p=13520 u=abtreece | TASK [dev-sec.os-hardening : disable unused filesystems | os-10] *************** | |
2018-03-08 10:58:10,219 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:10,231 p=13520 u=abtreece | TASK [dev-sec.os-hardening : add pinerolo_profile.sh to profile.d] ************* | |
2018-03-08 10:58:12,391 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:12,401 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove pinerolo_profile.sh from profile.d] ******** | |
2018-03-08 10:58:12,422 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:12,433 p=13520 u=abtreece | TASK [dev-sec.os-hardening : create securetty] ********************************* | |
2018-03-08 10:58:14,594 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:14,605 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove suid/sgid bit from binaries in blacklist | os-06] *** | |
2018-03-08 10:58:15,605 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/rcp) | |
2018-03-08 10:58:16,544 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/rlogin) | |
2018-03-08 10:58:17,498 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/rsh) | |
2018-03-08 10:58:18,455 p=13520 u=abtreece | changed: [default] => (item=/usr/libexec/openssh/ssh-keysign) | |
2018-03-08 10:58:19,403 p=13520 u=abtreece | ok: [default] => (item=/usr/lib/openssh/ssh-keysign) | |
2018-03-08 10:58:20,420 p=13520 u=abtreece | changed: [default] => (item=/sbin/netreport) | |
2018-03-08 10:58:21,377 p=13520 u=abtreece | changed: [default] => (item=/usr/sbin/usernetctl) | |
2018-03-08 10:58:22,334 p=13520 u=abtreece | ok: [default] => (item=/usr/sbin/userisdnctl) | |
2018-03-08 10:58:23,288 p=13520 u=abtreece | ok: [default] => (item=/usr/sbin/pppd) | |
2018-03-08 10:58:24,230 p=13520 u=abtreece | changed: [default] => (item=/usr/bin/lockfile) | |
2018-03-08 10:58:25,186 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/mail-lock) | |
2018-03-08 10:58:26,137 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/mail-unlock) | |
2018-03-08 10:58:27,135 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/mail-touchlock) | |
2018-03-08 10:58:28,095 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/dotlockfile) | |
2018-03-08 10:58:29,038 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/arping) | |
2018-03-08 10:58:29,990 p=13520 u=abtreece | ok: [default] => (item=/usr/sbin/uuidd) | |
2018-03-08 10:58:30,981 p=13520 u=abtreece | ok: [default] => (item=/usr/bin/mtr) | |
2018-03-08 10:58:31,938 p=13520 u=abtreece | ok: [default] => (item=/usr/lib/evolution/camel-lock-helper-1.2) | |
2018-03-08 10:58:32,890 p=13520 u=abtreece | ok: [default] => (item=/usr/lib/pt_chown) | |
2018-03-08 10:58:33,839 p=13520 u=abtreece | ok: [default] => (item=/usr/lib/eject/dmcrypt-get-device) | |
2018-03-08 10:58:34,795 p=13520 u=abtreece | ok: [default] => (item=/usr/lib/mc/cons.saver) | |
2018-03-08 10:58:34,811 p=13520 u=abtreece | TASK [dev-sec.os-hardening : find binaries with suid/sgid set | os-06] ********* | |
2018-03-08 10:58:34,834 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:34,845 p=13520 u=abtreece | TASK [dev-sec.os-hardening : gather files from which to remove suids/sgids and remove system white-listed files | os-06] *** | |
2018-03-08 10:58:34,868 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:34,877 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove suid/sgid bit from all binaries except in system and user whitelist | os-06] *** | |
2018-03-08 10:58:34,910 p=13520 u=abtreece | TASK [dev-sec.os-hardening : protect sysctl.conf] ****************************** | |
2018-03-08 10:58:35,881 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:35,893 p=13520 u=abtreece | TASK [dev-sec.os-hardening : set Daemon umask, do config for rhel-family | NSA 2.2.4.1] *** | |
2018-03-08 10:58:38,151 p=13520 u=abtreece | changed: [default] | |
2018-03-08 10:58:38,162 p=13520 u=abtreece | TASK [dev-sec.os-hardening : install initramfs-tools] ************************** | |
2018-03-08 10:58:38,188 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:38,198 p=13520 u=abtreece | TASK [dev-sec.os-hardening : rebuild initramfs with starting pack of modules, if module loading at runtime is disabled] *** | |
2018-03-08 10:58:38,222 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:38,231 p=13520 u=abtreece | TASK [dev-sec.os-hardening : update-initramfs] ********************************* | |
2018-03-08 10:58:38,253 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:38,263 p=13520 u=abtreece | TASK [dev-sec.os-hardening : create a combined sysctl-dict if overwrites are defined] *** | |
2018-03-08 10:58:38,287 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:58:38,296 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Change various sysctl-settings, look at the sysctl-vars file for documentation] *** | |
2018-03-08 10:58:39,525 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.accept_ra_rtr_pref'}) | |
2018-03-08 10:58:40,489 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.accept_ra_pinfo'}) | |
2018-03-08 10:58:41,452 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.all.arp_ignore'}) | |
2018-03-08 10:58:42,419 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'fs.protected_hardlinks'}) | |
2018-03-08 10:58:43,387 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv6.conf.all.disable_ipv6'}) | |
2018-03-08 10:58:44,341 p=13520 u=abtreece | ok: [default] => (item={'value': 0, 'key': u'net.ipv4.ip_forward'}) | |
2018-03-08 10:58:45,301 p=13520 u=abtreece | ok: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.default.rp_filter'}) | |
2018-03-08 10:58:46,264 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.all.forwarding'}) | |
2018-03-08 10:58:47,222 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.all.send_redirects'}) | |
2018-03-08 10:58:48,190 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'fs.protected_symlinks'}) | |
2018-03-08 10:58:49,175 p=13520 u=abtreece | changed: [default] => (item={'value': 100, 'key': u'net.ipv4.icmp_ratelimit'}) | |
2018-03-08 10:58:50,135 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.accept_ra'}) | |
2018-03-08 10:58:51,097 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.default.secure_redirects'}) | |
2018-03-08 10:58:52,057 p=13520 u=abtreece | changed: [default] => (item={'value': 2, 'key': u'kernel.randomize_va_space'}) | |
2018-03-08 10:58:53,060 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.tcp_timestamps'}) | |
2018-03-08 10:58:54,025 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.all.accept_source_route'}) | |
2018-03-08 10:58:54,990 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.dad_transmits'}) | |
2018-03-08 10:58:55,952 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.all.secure_redirects'}) | |
2018-03-08 10:58:56,916 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.default.shared_media'}) | |
2018-03-08 10:58:57,882 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.accept_ra_defrtr'}) | |
2018-03-08 10:58:58,843 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.default.send_redirects'}) | |
2018-03-08 10:58:59,808 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.all.accept_redirects'}) | |
2018-03-08 10:59:00,774 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.autoconf'}) | |
2018-03-08 10:59:01,724 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.accept_redirects'}) | |
2018-03-08 10:59:02,693 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.default.router_solicitations'}) | |
2018-03-08 10:59:03,677 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'kernel.kptr_restrict'}) | |
2018-03-08 10:59:04,644 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.default.log_martians'}) | |
2018-03-08 10:59:05,579 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.icmp_echo_ignore_broadcasts'}) | |
2018-03-08 10:59:06,523 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'kernel.yama.ptrace_scope'}) | |
2018-03-08 10:59:07,487 p=13520 u=abtreece | changed: [default] => (item={'value': 65536, 'key': u'vm.mmap_min_addr'}) | |
2018-03-08 10:59:08,448 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.all.log_martians'}) | |
2018-03-08 10:59:09,403 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'fs.suid_dumpable'}) | |
2018-03-08 10:59:10,363 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.default.accept_redirects'}) | |
2018-03-08 10:59:11,324 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.icmp_ignore_bogus_error_responses'}) | |
2018-03-08 10:59:12,283 p=13520 u=abtreece | ok: [default] => (item={'value': 0, 'key': u'net.ipv4.conf.default.accept_source_route'}) | |
2018-03-08 10:59:13,241 p=13520 u=abtreece | ok: [default] => (item={'value': 1, 'key': u'kernel.core_uses_pid'}) | |
2018-03-08 10:59:14,238 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.all.accept_redirects'}) | |
2018-03-08 10:59:15,195 p=13520 u=abtreece | changed: [default] => (item={'value': 88089, 'key': u'net.ipv4.icmp_ratemask'}) | |
2018-03-08 10:59:16,130 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.all.rp_filter'}) | |
2018-03-08 10:59:17,063 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv6.conf.default.max_addresses'}) | |
2018-03-08 10:59:17,998 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.conf.all.shared_media'}) | |
2018-03-08 10:59:18,932 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'net.ipv4.tcp_rfc1337'}) | |
2018-03-08 10:59:19,861 p=13520 u=abtreece | ok: [default] => (item={'value': 0, 'key': u'kernel.sysrq'}) | |
2018-03-08 10:59:20,795 p=13520 u=abtreece | changed: [default] => (item={'value': 2, 'key': u'net.ipv4.conf.all.arp_announce'}) | |
2018-03-08 10:59:21,727 p=13520 u=abtreece | changed: [default] => (item={'value': 0, 'key': u'net.ipv6.conf.all.accept_ra'}) | |
2018-03-08 10:59:21,740 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Change various sysctl-settings on rhel6-hosts or older, look at the sysctl-vars file for documentation] *** | |
2018-03-08 10:59:22,715 p=13520 u=abtreece | changed: [default] => (item={'value': 1, 'key': u'kernel.exec-shield'}) | |
2018-03-08 10:59:23,644 p=13520 u=abtreece | ok: [default] => (item={'value': 1, 'key': u'net.ipv4.tcp_syncookies'}) | |
2018-03-08 10:59:23,655 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Apply ufw defaults] ******************************* | |
2018-03-08 10:59:23,676 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:59:23,684 p=13520 u=abtreece | TASK [dev-sec.os-hardening : get UID_MIN from login.defs] ********************** | |
2018-03-08 10:59:24,631 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:59:24,639 p=13520 u=abtreece | TASK [dev-sec.os-hardening : calculate UID_MAX from UID_MIN by substracting 1] *** | |
2018-03-08 10:59:24,686 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:59:24,693 p=13520 u=abtreece | TASK [dev-sec.os-hardening : set UID_MAX on Debian-systems if no login.defs exist] *** | |
2018-03-08 10:59:24,714 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:59:24,723 p=13520 u=abtreece | TASK [dev-sec.os-hardening : set UID_MAX on other systems if no login.defs exist] *** | |
2018-03-08 10:59:24,746 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 10:59:24,754 p=13520 u=abtreece | TASK [dev-sec.os-hardening : get all system accounts] ************************** | |
2018-03-08 10:59:25,704 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:59:25,712 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove always ignored system accounts from list] *** | |
2018-03-08 10:59:25,759 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:59:25,766 p=13520 u=abtreece | TASK [dev-sec.os-hardening : change system accounts not on the user provided ignore-list] *** | |
2018-03-08 10:59:26,746 p=13520 u=abtreece | ok: [default] => (item=bin) | |
2018-03-08 10:59:27,690 p=13520 u=abtreece | ok: [default] => (item=daemon) | |
2018-03-08 10:59:28,680 p=13520 u=abtreece | ok: [default] => (item=adm) | |
2018-03-08 10:59:29,627 p=13520 u=abtreece | ok: [default] => (item=lp) | |
2018-03-08 10:59:30,565 p=13520 u=abtreece | ok: [default] => (item=mail) | |
2018-03-08 10:59:31,501 p=13520 u=abtreece | ok: [default] => (item=uucp) | |
2018-03-08 10:59:32,445 p=13520 u=abtreece | ok: [default] => (item=operator) | |
2018-03-08 10:59:33,384 p=13520 u=abtreece | ok: [default] => (item=games) | |
2018-03-08 10:59:34,325 p=13520 u=abtreece | ok: [default] => (item=gopher) | |
2018-03-08 10:59:35,268 p=13520 u=abtreece | ok: [default] => (item=ftp) | |
2018-03-08 10:59:36,238 p=13520 u=abtreece | ok: [default] => (item=nobody) | |
2018-03-08 10:59:37,224 p=13520 u=abtreece | changed: [default] => (item=rpc) | |
2018-03-08 10:59:38,211 p=13520 u=abtreece | changed: [default] => (item=ntp) | |
2018-03-08 10:59:39,237 p=13520 u=abtreece | changed: [default] => (item=saslauth) | |
2018-03-08 10:59:40,213 p=13520 u=abtreece | changed: [default] => (item=mailnull) | |
2018-03-08 10:59:41,194 p=13520 u=abtreece | changed: [default] => (item=smmsp) | |
2018-03-08 10:59:42,182 p=13520 u=abtreece | changed: [default] => (item=rpcuser) | |
2018-03-08 10:59:43,165 p=13520 u=abtreece | changed: [default] => (item=sshd) | |
2018-03-08 10:59:44,157 p=13520 u=abtreece | changed: [default] => (item=dbus) | |
2018-03-08 10:59:45,138 p=13520 u=abtreece | changed: [default] => (item=chrony) | |
2018-03-08 10:59:45,155 p=13520 u=abtreece | TASK [dev-sec.os-hardening : Get user accounts | os-09] ************************ | |
2018-03-08 10:59:46,132 p=13520 u=abtreece | ok: [default] | |
2018-03-08 10:59:46,141 p=13520 u=abtreece | TASK [dev-sec.os-hardening : delete rhosts-files from system | os-09] ********** | |
2018-03-08 10:59:47,128 p=13520 u=abtreece | ok: [default] => (item=root) | |
2018-03-08 10:59:48,070 p=13520 u=abtreece | ok: [default] => (item=bin) | |
2018-03-08 10:59:49,021 p=13520 u=abtreece | ok: [default] => (item=daemon) | |
2018-03-08 10:59:50,044 p=13520 u=abtreece | ok: [default] => (item=adm) | |
2018-03-08 10:59:50,994 p=13520 u=abtreece | ok: [default] => (item=lp) | |
2018-03-08 10:59:51,945 p=13520 u=abtreece | ok: [default] => (item=sync) | |
2018-03-08 10:59:52,895 p=13520 u=abtreece | ok: [default] => (item=shutdown) | |
2018-03-08 10:59:53,848 p=13520 u=abtreece | ok: [default] => (item=halt) | |
2018-03-08 10:59:54,797 p=13520 u=abtreece | ok: [default] => (item=mail) | |
2018-03-08 10:59:55,750 p=13520 u=abtreece | ok: [default] => (item=uucp) | |
2018-03-08 10:59:56,705 p=13520 u=abtreece | ok: [default] => (item=operator) | |
2018-03-08 10:59:57,659 p=13520 u=abtreece | ok: [default] => (item=games) | |
2018-03-08 10:59:58,614 p=13520 u=abtreece | ok: [default] => (item=gopher) | |
2018-03-08 10:59:59,559 p=13520 u=abtreece | ok: [default] => (item=ftp) | |
2018-03-08 11:00:00,548 p=13520 u=abtreece | ok: [default] => (item=nobody) | |
2018-03-08 11:00:01,505 p=13520 u=abtreece | ok: [default] => (item=rpc) | |
2018-03-08 11:00:02,516 p=13520 u=abtreece | ok: [default] => (item=ntp) | |
2018-03-08 11:00:03,467 p=13520 u=abtreece | ok: [default] => (item=saslauth) | |
2018-03-08 11:00:04,422 p=13520 u=abtreece | ok: [default] => (item=mailnull) | |
2018-03-08 11:00:05,344 p=13520 u=abtreece | ok: [default] => (item=smmsp) | |
2018-03-08 11:00:06,268 p=13520 u=abtreece | ok: [default] => (item=rpcuser) | |
2018-03-08 11:00:07,221 p=13520 u=abtreece | ok: [default] => (item=nfsnobody) | |
2018-03-08 11:00:08,175 p=13520 u=abtreece | ok: [default] => (item=sshd) | |
2018-03-08 11:00:09,129 p=13520 u=abtreece | ok: [default] => (item=dbus) | |
2018-03-08 11:00:10,080 p=13520 u=abtreece | ok: [default] => (item=ec2-user) | |
2018-03-08 11:00:11,064 p=13520 u=abtreece | ok: [default] => (item=abtreece) | |
2018-03-08 11:00:12,016 p=13520 u=abtreece | ok: [default] => (item=woneill) | |
2018-03-08 11:00:12,964 p=13520 u=abtreece | ok: [default] => (item=micha3lbrown) | |
2018-03-08 11:00:13,893 p=13520 u=abtreece | ok: [default] => (item=chrony) | |
2018-03-08 11:00:14,814 p=13520 u=abtreece | ok: [default] => (item=dd-agent) | |
2018-03-08 11:00:14,827 p=13520 u=abtreece | TASK [dev-sec.os-hardening : delete hosts.equiv from system | os-01] *********** | |
2018-03-08 11:00:15,774 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:00:15,784 p=13520 u=abtreece | TASK [dev-sec.os-hardening : delete .netrc-files from system | os-09] ********** | |
2018-03-08 11:00:16,764 p=13520 u=abtreece | ok: [default] => (item=root) | |
2018-03-08 11:00:17,688 p=13520 u=abtreece | ok: [default] => (item=bin) | |
2018-03-08 11:00:18,613 p=13520 u=abtreece | ok: [default] => (item=daemon) | |
2018-03-08 11:00:19,595 p=13520 u=abtreece | ok: [default] => (item=adm) | |
2018-03-08 11:00:20,539 p=13520 u=abtreece | ok: [default] => (item=lp) | |
2018-03-08 11:00:21,487 p=13520 u=abtreece | ok: [default] => (item=sync) | |
2018-03-08 11:00:22,443 p=13520 u=abtreece | ok: [default] => (item=shutdown) | |
2018-03-08 11:00:23,393 p=13520 u=abtreece | ok: [default] => (item=halt) | |
2018-03-08 11:00:24,340 p=13520 u=abtreece | ok: [default] => (item=mail) | |
2018-03-08 11:00:25,293 p=13520 u=abtreece | ok: [default] => (item=uucp) | |
2018-03-08 11:00:26,247 p=13520 u=abtreece | ok: [default] => (item=operator) | |
2018-03-08 11:00:27,202 p=13520 u=abtreece | ok: [default] => (item=games) | |
2018-03-08 11:00:28,149 p=13520 u=abtreece | ok: [default] => (item=gopher) | |
2018-03-08 11:00:29,117 p=13520 u=abtreece | ok: [default] => (item=ftp) | |
2018-03-08 11:00:30,108 p=13520 u=abtreece | ok: [default] => (item=nobody) | |
2018-03-08 11:00:31,082 p=13520 u=abtreece | ok: [default] => (item=rpc) | |
2018-03-08 11:00:32,037 p=13520 u=abtreece | ok: [default] => (item=ntp) | |
2018-03-08 11:00:32,989 p=13520 u=abtreece | ok: [default] => (item=saslauth) | |
2018-03-08 11:00:33,939 p=13520 u=abtreece | ok: [default] => (item=mailnull) | |
2018-03-08 11:00:34,891 p=13520 u=abtreece | ok: [default] => (item=smmsp) | |
2018-03-08 11:00:35,843 p=13520 u=abtreece | ok: [default] => (item=rpcuser) | |
2018-03-08 11:00:36,790 p=13520 u=abtreece | ok: [default] => (item=nfsnobody) | |
2018-03-08 11:00:37,739 p=13520 u=abtreece | ok: [default] => (item=sshd) | |
2018-03-08 11:00:38,677 p=13520 u=abtreece | ok: [default] => (item=dbus) | |
2018-03-08 11:00:39,626 p=13520 u=abtreece | ok: [default] => (item=ec2-user) | |
2018-03-08 11:00:40,611 p=13520 u=abtreece | ok: [default] => (item=abtreece) | |
2018-03-08 11:00:41,562 p=13520 u=abtreece | ok: [default] => (item=woneill) | |
2018-03-08 11:00:42,504 p=13520 u=abtreece | ok: [default] => (item=micha3lbrown) | |
2018-03-08 11:00:43,429 p=13520 u=abtreece | ok: [default] => (item=chrony) | |
2018-03-08 11:00:44,353 p=13520 u=abtreece | ok: [default] => (item=dd-agent) | |
2018-03-08 11:00:44,366 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove unused repositories] *********************** | |
2018-03-08 11:00:45,323 p=13520 u=abtreece | ok: [default] => (item=CentOS-Debuginfo) | |
2018-03-08 11:00:46,267 p=13520 u=abtreece | ok: [default] => (item=CentOS-Media) | |
2018-03-08 11:00:47,222 p=13520 u=abtreece | ok: [default] => (item=CentOS-Vault) | |
2018-03-08 11:00:47,236 p=13520 u=abtreece | TASK [dev-sec.os-hardening : get yum-repository-files] ************************* | |
2018-03-08 11:00:48,220 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:00:48,230 p=13520 u=abtreece | TASK [dev-sec.os-hardening : check if rhnplugin.conf exists] ******************* | |
2018-03-08 11:00:49,208 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:00:49,216 p=13520 u=abtreece | TASK [dev-sec.os-hardening : activate gpg-check for yum-repos] ***************** | |
2018-03-08 11:00:50,364 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.conf) | |
2018-03-08 11:00:51,316 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/epel-testing.repo) | |
2018-03-08 11:00:52,269 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/amzn-preview.repo) | |
2018-03-08 11:00:53,224 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/epel.repo) | |
2018-03-08 11:00:54,173 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/datadog.repo) | |
2018-03-08 11:00:55,127 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/amzn-main.repo) | |
2018-03-08 11:00:56,079 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/amzn-nosrc.repo) | |
2018-03-08 11:00:57,030 p=13520 u=abtreece | ok: [default] => (item=/etc/yum.repos.d/amzn-updates.repo) | |
2018-03-08 11:00:57,045 p=13520 u=abtreece | TASK [dev-sec.os-hardening : activate gpg-check for yum rhn if it exists] ****** | |
2018-03-08 11:00:57,075 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:00:57,085 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove deprecated or insecure packages | package-01 - package-09] *** | |
2018-03-08 11:00:58,297 p=13520 u=abtreece | ok: [default] => (item=[u'xinetd', u'inetd', u'ypserv', u'telnet-server', u'rsh-server', u'prelink']) | |
2018-03-08 11:00:58,308 p=13520 u=abtreece | TASK [dev-sec.os-hardening : remove deprecated or insecure packages | package-01 - package-09] *** | |
2018-03-08 11:00:58,363 p=13520 u=abtreece | skipping: [default] => (item=[]) | |
2018-03-08 11:00:58,371 p=13520 u=abtreece | TASK [include_role] ************************************************************ | |
2018-03-08 11:00:59,045 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Set OS dependent variables] ********************** | |
2018-03-08 11:00:59,119 p=13520 u=abtreece | ok: [default] => (item=/Users/abtreece/Work/Repos/spreedly/system-images/packer/provisioners/ansible/roles/amazon-ebs/dev-sec.ssh-hardening/vars/RedHat.yml) | |
2018-03-08 11:00:59,128 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : get openssh-version] ***************************** | |
2018-03-08 11:01:00,127 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:00,138 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set hostkeys according to openssh-version] ******* | |
2018-03-08 11:01:00,199 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:00,208 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set hostkeys according to openssh-version] ******* | |
2018-03-08 11:01:00,233 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,242 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set hostkeys according to openssh-version] ******* | |
2018-03-08 11:01:00,266 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,276 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak macs according to openssh-version if openssh >= 7.6] *** | |
2018-03-08 11:01:00,300 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,309 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak macs according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,334 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,343 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set macs according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,402 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:00,410 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak macs according to openssh-version] ****** | |
2018-03-08 11:01:00,436 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,445 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set macs according to openssh-version] *********** | |
2018-03-08 11:01:00,469 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,479 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set macs according to openssh-version] *********** | |
2018-03-08 11:01:00,505 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,515 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set macs according to openssh-version] *********** | |
2018-03-08 11:01:00,539 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,549 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak ciphers according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,573 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,584 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set ciphers according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,642 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:00,651 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak ciphers according to openssh-version] *** | |
2018-03-08 11:01:00,681 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,690 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set ciphers according to openssh-version] ******** | |
2018-03-08 11:01:00,714 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,724 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak kex according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,749 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,758 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set kex according to openssh-version if openssh >= 6.6] *** | |
2018-03-08 11:01:00,812 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:00,821 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set weak kex according to openssh-version] ******* | |
2018-03-08 11:01:00,843 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,852 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : set kex according to openssh-version] ************ | |
2018-03-08 11:01:00,875 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:00,884 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : create revoked_keys and set permissions to root/600] *** | |
2018-03-08 11:01:02,894 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:02,900 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : create sshd_config and set permissions to root/600] *** | |
2018-03-08 11:01:05,013 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:05,022 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : create ssh_config and set permissions to root/644] *** | |
2018-03-08 11:01:07,101 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:07,112 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Check if /etc/ssh/moduli contains weak DH parameters] *** | |
2018-03-08 11:01:08,216 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:08,225 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : remove all small primes] ************************* | |
2018-03-08 11:01:09,358 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:09,373 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : test to see if selinux is installed and running] *** | |
2018-03-08 11:01:10,473 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:10,484 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Install google authenticator PAM module] ********* | |
2018-03-08 11:01:10,633 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:10,644 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Install google authenticator PAM module] ********* | |
2018-03-08 11:01:10,666 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:10,676 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Add google auth module to PAM] ******************* | |
2018-03-08 11:01:10,697 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:10,706 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Remove password auth from PAM] ******************* | |
2018-03-08 11:01:10,726 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:10,735 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Remove password auth from PAM] ******************* | |
2018-03-08 11:01:10,754 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:10,763 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : install selinux dependencies when selinux is installed on RHEL or Oracle Linux] *** | |
2018-03-08 11:01:15,870 p=13520 u=abtreece | changed: [default] => (item=policycoreutils-python) | |
2018-03-08 11:01:17,236 p=13520 u=abtreece | ok: [default] => (item=checkpolicy) | |
2018-03-08 11:01:17,250 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : install selinux dependencies when selinux is installed on Debian or Ubuntu] *** | |
2018-03-08 11:01:17,298 p=13520 u=abtreece | skipping: [default] => (item=[]) | |
2018-03-08 11:01:17,307 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : check if ssh_password module is already installed] *** | |
2018-03-08 11:01:18,301 p=13520 u=abtreece | ok: [default] | |
2018-03-08 11:01:18,312 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Create selinux custom policy drop folder] ******** | |
2018-03-08 11:01:18,345 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,354 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : Distributing custom selinux policies] ************ | |
2018-03-08 11:01:18,382 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,391 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : check and compile policy] ************************ | |
2018-03-08 11:01:18,418 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,427 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : create selinux policy module package] ************ | |
2018-03-08 11:01:18,454 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,462 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : install selinux policy] ************************** | |
2018-03-08 11:01:18,488 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,496 p=13520 u=abtreece | TASK [dev-sec.ssh-hardening : remove selinux-policy when Pam is used, because Allowing sshd to read the shadow file directly is considered a potential security risk (http://danwalsh.livejournal.com/12333.html)] *** | |
2018-03-08 11:01:18,520 p=13520 u=abtreece | skipping: [default] | |
2018-03-08 11:01:18,528 p=13520 u=abtreece | TASK [Fix /etc/ssh/sshd_config permissions reset by cloud-init] **************** | |
2018-03-08 11:01:20,545 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:20,555 p=13520 u=abtreece | TASK [Copy Rationale] ********************************************************** | |
2018-03-08 11:01:22,561 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:22,571 p=13520 u=abtreece | TASK [Add ForceCommand to sshd_config] ***************************************** | |
2018-03-08 11:01:23,693 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:23,695 p=13520 u=abtreece | RUNNING HANDLER [influxdata.chrony : restart chrony] *************************** | |
2018-03-08 11:01:24,883 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:24,884 p=13520 u=abtreece | RUNNING HANDLER [Datadog.datadog : restart datadog-agent] ********************** | |
2018-03-08 11:01:29,935 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:29,936 p=13520 u=abtreece | RUNNING HANDLER [dev-sec.ssh-hardening : restart sshd] ************************* | |
2018-03-08 11:01:31,171 p=13520 u=abtreece | changed: [default] | |
2018-03-08 11:01:31,174 p=13520 u=abtreece | PLAY RECAP ********************************************************************* | |
2018-03-08 11:01:31,175 p=13520 u=abtreece | default : ok=92 changed=48 unreachable=0 failed=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment