Description
The Apport service modifies certain kernel configuration values at runtime, which may decrease the overall security of the system and expose sensitive data.

The apport service can be disabled with the following command:

$ sudo systemctl mask --now apport.service
Rationale
The Apport service modifies the kernel fs.suid_dumpable configuration at runtime, which prevents other hardening from being persistent. Disabling the service prevents this behavior.
Shell script
The following script can be run on the host to remediate the issue.
SYSTEMCTL_EXEC='/usr/bin/systemctl'
"$SYSTEMCTL_EXEC" stop 'apport.service'
"$SYSTEMCTL_EXEC" disable 'apport.service'
"$SYSTEMCTL_EXEC" mask 'apport.service'
# Disable socket activation if we have a unit file for it
if "$SYSTEMCTL_EXEC" -q list-unit-files apport.socket; then
    "$SYSTEMCTL_EXEC" stop 'apport.socket'
    "$SYSTEMCTL_EXEC" mask 'apport.socket'
fi
# The service may not be running because it has been started and failed,
# so let's reset the state so OVAL checks pass.
# Service should be 'inactive', not 'failed' after reboot though.
"$SYSTEMCTL_EXEC" reset-failed 'apport.service' || true
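As an audit counterpart to the remediation script above, the following added example (not part of the ComplianceAsCode rule content) checks whether the remediated state actually holds: both apport units masked or absent, and fs.suid_dumpable back at 0. The function name check_apport_state and the --live flag are assumptions of this example.

```shell
#!/bin/sh
# Audit helper for the apport rule (added example, not part of the original page).
# Compliant state: apport.service and apport.socket masked (or absent) and
# fs.suid_dumpable at 0, the value Apport overrides at runtime.

# check_apport_state SERVICE_STATE SOCKET_STATE SUID_DUMPABLE
# The three arguments are the strings produced by
#   systemctl is-enabled apport.service    (masked, enabled, disabled, ...)
#   systemctl is-enabled apport.socket
#   sysctl -n fs.suid_dumpable             (0, 1 or 2)
# Prints one FAIL line per finding; returns 0 when compliant, 1 otherwise.
check_apport_state() {
    service_state="$1"; socket_state="$2"; suid_dumpable="$3"
    failures=0
    case "$service_state" in
        masked|masked-runtime|not-found) ;;
        *) echo "FAIL: apport.service is '$service_state', expected masked"
           failures=$((failures + 1)) ;;
    esac
    case "$socket_state" in
        masked|masked-runtime|not-found) ;;
        *) echo "FAIL: apport.socket is '$socket_state', expected masked"
           failures=$((failures + 1)) ;;
    esac
    if [ "$suid_dumpable" != "0" ]; then
        echo "FAIL: fs.suid_dumpable is '$suid_dumpable', expected 0"
        failures=$((failures + 1))
    fi
    [ "$failures" -eq 0 ]
}

# Collect the live values on a systemd host and evaluate them.
# 'systemctl is-enabled' prints the state even when it exits non-zero
# (e.g. 'masked'), so only an empty result is treated as 'not-found'.
audit_live_host() {
    svc=$(systemctl is-enabled apport.service 2>/dev/null) || true
    sock=$(systemctl is-enabled apport.socket 2>/dev/null) || true
    dump=$(sysctl -n fs.suid_dumpable 2>/dev/null) || true
    check_apport_state "${svc:-not-found}" "${sock:-not-found}" "${dump:-unknown}"
}

# Usage on a real host: sh audit_apport.sh --live
if [ "${1:-}" = "--live" ]; then
    audit_live_host
fi
```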
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: Block Disable service apport
  block:
    - name: Disable service apport
      block:
        - name: Disable service apport
          systemd:
            name: apport.service
            enabled: 'no'
            state: stopped
            masked: 'yes'
      rescue:
        - name: Intentionally ignored previous 'Disable service apport' failure, service was already disabled
          meta: noop
  tags:
    - disable_strategy
    - low_complexity
    - low_disruption
    - no_reboot_needed
    - service_apport_disabled
    - unknown_severity

- name: Unit Socket Exists - apport.socket
  command: systemctl list-unit-files apport.socket
  register: socket_file_exists
  changed_when: false
  failed_when: socket_file_exists.rc not in [0, 1]
  check_mode: false
  tags:
    - disable_strategy
    - low_complexity
    - low_disruption
    - no_reboot_needed
    - service_apport_disabled
    - unknown_severity

- name: Disable socket apport
  systemd:
    name: apport.socket
    enabled: 'no'
    state: stopped
    masked: 'yes'
  when: '"apport.socket" in socket_file_exists.stdout_lines[1]'
  tags:
    - disable_strategy
    - low_complexity
    - low_disruption
    - no_reboot_needed
    - service_apport_disabled
    - unknown_severity