Security role should use pam_faillock for V-38501 on CentOS
Bug #1583788 reported by
Major Hayden
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack-Ansible |
Won't Fix
|
Wishlist
|
Major Hayden | ||
Bug Description
Ubuntu doesn't package pam_faillock, so fail2ban was used to satisfy the requirements in V-38501. CentOS 7 has pam_faillock and it should be used on CentOS 7 to more closely align with the STIG's requirements.
| Changed in openstack-ansible: | |
| status: | New → Confirmed |
Revision history for this message
| Major Hayden (rackerhacker) wrote | #1 |
| Changed in openstack-ansible: | |
| status: | Confirmed → Won't Fix |
To post a comment you must log in.
The RHEL 6 content is being deprecated and pam_faillock is used in the RHEL 7 STIG content.