lint updates

Signed-off-by: Mark Bolwell <[email protected]>

CONTRIBUTING.rst

@@ -66,4 +66,4 @@ following text in your contribution commit message:
 
 This message can be entered manually, or if you have configured git
 with the correct `user.name` and `user.email`, you can use the `-s`
-option to `git commit` to automatically include the signoff message.
+option to `git commit` to automatically include the signoff message.

templates/ansible_vars_goss.yml.j2

@@ -3,13 +3,11 @@ audit_run: ansible # This is forced to wrapper by running the run_audit wrapper
 
 benchmark_version: '2.0.1'
 
-
-# Some audit tests may need to scan every filesystem or have an impact on a system 
+# Some audit tests may need to scan every filesystem or have an impact on a system
 # these may need be scheduled to minimise impact also ability to set a timeout if taking too long
 run_heavy_tests: {{ audit_run_heavy_tests }}
 timeout_ms: {{ audit_cmd_timeout }}
 
-
 ubtu20cis_section1: true
 ubtu20cis_section2: true
 ubtu20cis_section3: true
@@ -281,7 +279,6 @@ ubtu20cis_rule_5_1_2_7: {{ ubtu20cis_rule_5_1_2_7 }}
 
 ubtu20cis_rule_5_1_3: {{ ubtu20cis_rule_5_1_3 }}
 
-
 ubtu20cis_rule_5_2_1_1: {{ ubtu20cis_rule_5_2_1_1 }}
 ubtu20cis_rule_5_2_1_2: {{ ubtu20cis_rule_5_2_1_2 }}
 ubtu20cis_rule_5_2_1_3: {{ ubtu20cis_rule_5_2_1_3 }}
@@ -339,7 +336,6 @@ ubtu20cis_rule_6_1_11: {{ ubtu20cis_rule_6_1_11 }}
 ubtu20cis_rule_6_1_12: {{ ubtu20cis_rule_6_1_12 }}
 ubtu20cis_rule_6_1_13: {{ ubtu20cis_rule_6_1_13 }}
 
-
 ubtu20cis_rule_6_2_1: {{ ubtu20cis_rule_6_2_1 }}
 ubtu20cis_rule_6_2_2: {{ ubtu20cis_rule_6_2_2 }}
 ubtu20cis_rule_6_2_3: {{ ubtu20cis_rule_6_2_3 }}
@@ -353,7 +349,6 @@ ubtu20cis_rule_6_2_10: {{ ubtu20cis_rule_6_2_10 }}
 ubtu20cis_rule_6_2_11: {{ ubtu20cis_rule_6_2_11 }}
 ubtu20cis_rule_6_2_12: {{ ubtu20cis_rule_6_2_12 }}
 
-
 # AIDE
 ubtu20cis_config_aide: true
 
@@ -442,7 +437,6 @@ ubtu20_exim_conf:
   - dc_mailname_in_oh='true'
   - dc_localdelivery='mail_spool'
 
-
 ubtu20cis_rsyncd_server: {{ ubtu20cis_rsync_server }}
 ubtu20cis_nis_server: {{ ubtu20cis_nis_server }}
 
@@ -455,15 +449,13 @@ ubtu20cis_telnet_required: {{ ubtu20cis_telnet_required }}
 ubtu20cis_ldap_clients_required: {{ ubtu20cis_ldap_clients_required }}
 ubtu20cis_rpc_required: {{ ubtu20cis_rpc_required }}
 
-
 # Section 3
 # IPv6 required
 ubtu20cis_ipv6_required: {{ ubtu20cis_ipv6_required }}
 
 # System network parameters (host only OR host and router)
 ubtu20cis_is_router: false
 
-
 ubtu20cis_firewall: {{ ubtu20cis_firewall_package }}
 
 ubtu20_default_firewall_zone: public
@@ -519,7 +511,6 @@ ubtu20cis_ssh_weak_kex:
   - diffie-hellman-group14-sha1
   - diffie-hellman-group-exchange-sha1
 
-
 ubtu20cis_ssh_aliveinterval: 300
 ubtu20cis_ssh_countmax: 3
 ## PAM

templates/audit/ubtu20cis_5_2_3_6_privileged.rules.j2

@@ -1,3 +1,3 @@
-{% for proc in priv_procs.stdout_lines -%} 
+{% for proc in priv_procs.stdout_lines -%}
 -a always,exit -F path={{ proc }} -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged
 {% endfor %}

templates/chrony.conf.j2

@@ -90,4 +90,4 @@ logchange 0.5
 # change it if necessary.
 rtconutc
 
-user {{ ubtu20cis_chrony_user }}
+user {{ ubtu20cis_chrony_user }}

templates/etc/systemd/timesyncd.conf.d/50-timesyncd.conf.j2

@@ -6,6 +6,4 @@
 
 NTP={% for pool in ubtu20cis_time_pool %}{{ pool.name }}{% endfor %}
 
-
 FallbackNTP={% for servers in ubtu20cis_time_servers %}{{ servers.name }} {% endfor %}
-

templates/ntp.conf.j2

@@ -66,4 +66,4 @@ restrict source notrap nomodify noquery
 #fudge 127.127.8.1 time1 0.0042        # relative to PPS for my hardware
 
 #server 127.127.22.1                   # ATOM(PPS)
-#fudge 127.127.22.1 flag3 1            # enable PPS API
+#fudge 127.127.22.1 flag3 1            # enable PPS API