security setting role 추가 및 script 수정

ansible/security_settings/roles/security_settings/tasks/all_setting_mode_change.yml

@@ -0,0 +1,26 @@
+---
+- name: shadow mode change
+  file:
+    path: /etc/shadow
+    mode: 0400
+
+- name: hosts mode change
+  file:
+    path: /etc/hosts
+    #mode: u=rw,g=r,o=r
+    mode: 0600
+
+- name: rsyslog mode change
+  file:
+    path: /etc/rsyslog.conf
+    mode: 0640
+
+- name: crontab mode change [1]
+  file:
+    path: /usr/bin/crontab
+    mode: 0750
+
+- name: crontab mode change [2]
+  file:
+    path: /bin/crontab
+    mode: 0640

ansible/security_settings/roles/security_settings/tasks/main.yml

@@ -5,4 +5,6 @@
 - include: all_setting_root_ssh.yml
 
 - include: debian_setting_password_rule.yml
-  when: ansible_facts.os_family == 'Debian'
+  when: ansible_facts.os_family == 'Debian'
+
+- include: all_setting_mode_change.yml