Including this security role and running the Ansible Playbook on a Fedora Server 35 target produces an error regarding undefined variables.

TASK [geerlingguy.security : Install automatic update utility.] ****************
fatal: [<my-fedora35-target>]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'update_utility' is undefined\n\nThe error appears to be in '/vagrant/roles/geerlingguy.security/tasks/autoupdate-RedHat.yml': line 16, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Install automatic update utility.\n  ^ here\n"}

I've found the origin of the issue, located on the line 8 of tasks/autoupdate-RedHat.yml. The condition is too strict and seem to only apply to RHEL targets rather than DNF-vs-YUM.

Running the playbook with those values defined:

update_utility: dnf-automatic
update_service: dnf-automatic-install.timer
update_conf_path: /etc/dnf/automatic.conf

works but it would be better if this ansible-role could support other Redhat based distributions.

Here is the output of Ansible, showing that the set_fact step is skipped:

TASK [geerlingguy.security : Set correct automatic update utility vars (RHEL 8).] ***
skipping: [<my-fedora35-target>]

TASK [geerlingguy.security : Set correct automatic update utility vars (RHEL <= 7).] ***
skipping: [<my-fedora35-target>]

Thank you for your awesome Ansible roles, they really saves me a lot of headaches!

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.