I'm probably missing the point here, but I don't understand. Ansible is
agentless and doesn't require anything to run plays/tasks on a remote
system other than an ssh connection/account and the proper privileges
for that account. At the end of the day, it may end up running a command
line via the "shell" module anyway, so what's the point?
What does ansible being available have anything to do with remediation
of the target system? You only install ansible on the control system,
not the target usually unless you're using the pull mechanism? I think
it would be nice to have ansible plays that can do the remediation, but
you can do that without having ansible installed on the target system...
?? confused ??
On 08/01/2017 04:20 PM, Shawn Wells wrote:
RHEL 7.4 is out! That means we can now be public on how Ansible is
shipping as part of the rhel-7-server-extras-rpms channel:
https://access.redhat.com/downloads/content/ansible/2.3.1.0-3.el7/noarch/fd431d51/package
Now that we can ensure every RHEL install has access to Ansible, is it
time to remove the bash scripts?
The original premise of bash script inclusion was "bash is everywhere
RHEL is" ..... and now Ansible carries the same truth.
Potential downside for discussion:
Ansible binaries ship in the extras channel versus the core
rhel-7-server (or whatever it's called). Will users mind enabling the
extras channel?
_______________________________________________
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org
_______________________________________________
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org
