NetworkManager package and PAM stat files fixes

shanedell · shanedell · commit 8faf447b9dd5 · 2025-10-31T00:09:30.000-05:00
- Use proper NetworkManager package for ubuntu2204 and ubuntu2404.
- Resolved issue where using the same register variable outside and inside the block was causing failures.

Signed-off-by: Shane Dell &lt;shanedell100@gmail.com&gt;
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
@@ -12,7 +12,7 @@
 - name: '{{{ rule_title }}} - Check if {{{ pam_file }}} File is Present'
   ansible.builtin.stat:
     path: {{{ pam_file }}}
-  register: result_pam_file_present
+  register: result_pam_password_auth_file_present
 
 - name: '{{{ rule_title }}} - Check The Proper Remediation For The System'
   block:
@@ -46,4 +46,4 @@
         - result_authselect_present.stat.exists
         - result_pam_hashing_options_removal is changed
   when:
-    - result_pam_file_present.stat.exists
+    - result_pam_password_auth_file_present.stat.exists
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/ansible/shared.yml
@@ -18,7 +18,7 @@
 - name: '{{{ rule_title }}} - Check if {{{ pam_file }}} File is Present'
   ansible.builtin.stat:
     path: {{{ pam_file }}}
-  register: result_pam_file_present
+  register: result_pam_auth_file_present
 
 - name: '{{{ rule_title }}} - Check The Proper Remediation For The System'
   block:
@@ -52,4 +52,4 @@
         - result_authselect_present.stat.exists
         - result_pam_hashing_options_removal is changed
   when:
-    - result_pam_file_present.stat.exists
+    - result_pam_auth_file_present.stat.exists
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/ansible/shared.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/ansible/shared.yml
@@ -1,3 +1,9 @@
+{{% if platform_package_overrides.NetworkManager %}}
+{{% set network_manager_package_name = platform_package_overrides.NetworkManager %}}
+{{% else %}}
+{{% set network_manager_package_name = "NetworkManager" %}}
+{{% endif %}}
+
 # platform = multi_platform_all
 # reboot = false
 # strategy = unknown
@@ -32,12 +38,12 @@
     name: "{{ item }}"
     state: present
   with_items:
-    - NetworkManager
+    - {{{ network_manager_package_name }}}
 
 {{%- endif %}}
 
 - name: NetworkManager Deactivate Wireless Network Interfaces
   ansible.builtin.command: nmcli radio wifi off
   when:
-    - "'NetworkManager' in ansible_facts.packages"
+    - "'{{{ network_manager_package_name }}}' in ansible_facts.packages"
     - ansible_facts.services['NetworkManager.service'].state == 'running'
diff --git a/shared/applicability/package.yml b/shared/applicability/package.yml
@@ -69,7 +69,11 @@ args:
       pkgname: snmp
     {{% endif %}}
   networkmanager:
+    {{% if product in ["ubuntu2204", "ubuntu2404"] %}}
+    pkgname: network-manager
+    {{% else %}}
     pkgname: NetworkManager
+    {{% endif %}}
   nftables:
       pkgname: nftables
   nss-pam-ldapd:
diff --git a/shared/macros/10-ansible.jinja b/shared/macros/10-ansible.jinja
@@ -1836,7 +1836,13 @@ Part of the grub2_bootloader_argument_absent template.
 - name: '{{{ rule_title }}} - Check if {{{ pam_file }}} file is present'
   ansible.builtin.stat:
     path: "{{{ pam_file }}}"
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+  register: result_pam_password_auth_file_present
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+  register: result_pam_auth_file_present
+  {{%- else %}}
   register: result_pam_file_present
+  {{%- endif %}}
 
 - name: '{{{ rule_title }}} - Ensure the "{{{ option }}}" option from "{{{ module }}}" is not present in {{{ pam_file }}}'
   ansible.builtin.replace:
@@ -1848,7 +1854,14 @@ Part of the grub2_bootloader_argument_absent template.
     {{%- endif %}}
     replace: '\1\2'
   register: result_pam_option_removal
-  when: result_pam_file_present.stat.exists
+  when:
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+    - result_pam_password_auth_file_present.stat.exists
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+    - result_pam_auth_file_present.stat.exists
+  {{%- else %}}
+    - result_pam_file_present.stat.exists
+  {{%- endif %}}
 {{%- endmacro -%}}
 
 
@@ -2016,7 +2029,13 @@ Part of the grub2_bootloader_argument_absent template.
 - name: '{{{ rule_title }}} - Check if {{{ pam_file }}} file is present'
   ansible.builtin.stat:
     path: {{{ pam_file }}}
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+  register: result_pam_password_auth_file_present
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+  register: result_pam_auth_file_present
+  {{%- else %}}
   register: result_pam_file_present
+  {{%- endif %}}
 
 - name: '{{{ rule_title }}} - Check the proper remediation for the system'
   block:
@@ -2035,7 +2054,13 @@ Part of the grub2_bootloader_argument_absent template.
           (result_pam_{{{ rule_id }}}_add is defined and result_pam_{{{ rule_id }}}_add.changed)
            or (result_pam_{{{ rule_id }}}_edit is defined and result_pam_{{{ rule_id }}}_edit.changed)
   when:
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+    - result_pam_password_auth_file_present.stat.exists
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+    - result_pam_auth_file_present.stat.exists
+  {{%- else %}}
     - result_pam_file_present.stat.exists
+  {{%- endif %}}
 {{%- endmacro -%}}
 
 
@@ -2060,7 +2085,13 @@ Part of the grub2_bootloader_argument_absent template.
 - name: '{{{ rule_title }}} - Check if {{{ pam_file }}} file is present'
   ansible.builtin.stat:
     path: {{{ pam_file }}}
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+  register: result_pam_password_auth_file_present
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+  register: result_pam_auth_file_present
+  {{%- else %}}
   register: result_pam_file_present
+  {{%- endif %}}
 
 - name: '{{{ rule_title }}} - Check the proper remediation for the system'
   block:
@@ -2073,7 +2104,13 @@ Part of the grub2_bootloader_argument_absent template.
         - result_authselect_present.stat.exists
         - result_pam_option_removal is changed
   when:
+  {{%- if pam_file == "/etc/pam.d/password-auth" %}}
+    - result_pam_password_auth_file_present.stat.exists
+  {{%- elif pam_file in ["/etc/pam.d/common-password", "/etc/pam.d/system-auth"] %}}
+    - result_pam_auth_file_present.stat.exists
+  {{%- else %}}
     - result_pam_file_present.stat.exists
+  {{%- endif %}}
 {{%- endmacro -%}}
 
 
