Merge branch 'devel' into cis_v3

Signed-off-by: Mark Bolwell <[email protected]>

templates/etc/systemd/system/tmp.mount.j2

@@ -0,0 +1,22 @@
+## This file is managed by Ansible, YOUR CHANGED WILL BE LOST!
+
+
+[Unit]
+Description=Temporary Directory (/tmp)
+Documentation=man:hier(7)
+Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
+ConditionPathIsSymbolicLink=!/tmp
+DefaultDependencies=no
+Conflicts=umount.target
+Before=local-fs.target umount.target
+After=swap.target
+
+[Mount]
+What=tmpfs
+Where=/tmp
+Type=tmpfs
+Options=mode=1777,strictatime,{% if amazon2cis_rule_1_1_3 %}noexec,{% endif %}{% if amazon2cis_rule_1_1_4 %}nodev,{% endif %}{% if amazon2cis_rule_1_1_5 %}nosuid{% endif %}
+
+# Make 'systemctl enable tmp.mount' work:
+[Install]
+WantedBy=local-fs.target