manage systemd files

Signed-off-by: Martin Schurz <[email protected]>

molecule/ssh_hardening/prepare.yml

@@ -62,12 +62,6 @@
         update_cache: true
       when: ansible_facts.os_family == 'Archlinux'
 
-    - name: Created needed directory
-      ansible.builtin.file:
-        path: /var/run/sshd
-        state: directory
-        mode: "0755"
-
     - name: Create ssh host keys # noqa ignore-errors
       ansible.builtin.command: ssh-keygen -A
       when: not ((ansible_facts.os_family in ['Oracle Linux', 'RedHat']) and ansible_facts.distribution_major_version < '7')

molecule/ssh_hardening_bsd/prepare.yml

@@ -18,12 +18,6 @@
     https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
     no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
   tasks:
-    - name: Created needed directory
-      ansible.builtin.file:
-        path: /var/run/sshd
-        state: directory
-        mode: "0755"
-
     - name: Create ssh host keys # noqa ignore-errors
       ansible.builtin.command: ssh-keygen -A
       when: not ((ansible_facts.os_family in ['Oracle Linux', 'RedHat']) and ansible_facts.distribution_major_version < '7')

roles/ssh_hardening/tasks/disable-systemd-socket.yml

@@ -1,13 +1,15 @@
 ---
 - name: Remove ssh service systemd-socket file
   ansible.builtin.file:
-    path: /etc/systemd/system/ssh.service.d/00-socket.conf
+    path: "{{ item }}"
     state: absent
+  loop:
+    - /etc/systemd/system/ssh.service.d/00-socket.conf
+    - /etc/systemd/system/ssh.service.requires/ssh.socket
 
 - name: Disable systemd-socket activation
   ansible.builtin.systemd:
     name: ssh.socket
     state: stopped
     enabled: false
     masked: true
-    daemon_reload: true