X-Git-Url: https://gerrit.akraino.org/r/gitweb?p=ta%2Finfra-ansible.git;a=blobdiff_plain;f=roles%2Fops-hardening%2Ftasks%2Fmain.yaml;fp=roles%2Fops-hardening%2Ftasks%2Fmain.yaml;h=3b75d16d88060e1662870ebf0cf672b1227d160d;hp=5558cd0296aa25f0f56cc34493af5fa8d20b1314;hb=e5776805848728d0aac93078223585f725b84c5e;hpb=070e5c7e2d2ac18fc59f3fe83d364062f4883050

diff --git a/roles/ops-hardening/tasks/main.yaml b/roles/ops-hardening/tasks/main.yaml
index 5558cd0..3b75d16 100644
--- a/roles/ops-hardening/tasks/main.yaml
+++ b/roles/ops-hardening/tasks/main.yaml
@@ -69,6 +69,14 @@
 #
 # Linux Failed password attempts
 #
+- name: "Ensure authconfig is properly configured"
+  command: authconfig --updateall
+  with_items:
+    - /etc/pam.d/system-auth-ac
+    - /etc/pam.d/password-auth-ac
+  when: not (item|exists and item|is_file)
+  tags:
+    - REC-443
 
 - name: "Set Deny for failed password attempts 1"
   lineinfile: