minor fixups

Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>

Author: schurzi

.config/ansible-lint.yml

@@ -3,9 +3,9 @@
 # exclude_paths included in this file are parsed relative to this file's location
 # and not relative to the CWD of execution. CLI arguments passed to the --exclude
 # option will be parsed relative to the CWD of execution.
+# add all waivers individually, since exclude_files does not support globs
 exclude_paths:
   - .cache/ # implicit unless exclude_paths is defined in config
-  # add all waivers individually, since exclude_files does not support globs
   - molecule/os_hardening/waivers.yaml
   - molecule/ssh_hardening_bsd/waivers_freebsd13.yaml
   - molecule/ssh_hardening_bsd/waivers_freebsd14.yaml

roles/os_hardening/defaults/main.yml

@@ -146,7 +146,7 @@ sysctl_config:
   # The PTRACE system is used for debugging.  With it, a single user process
   # can attach to any other dumpable process owned by the same user.  In the
   # case of malicious software, it is possible to use PTRACE to access
-  # credentials that exist in memory (re-using existing SSH connections,
+  # credentials that exist in memory (reusing existing SSH connections,
   # extracting GPG agent information, etc).
   #
   # A PTRACE scope of "0" is the more permissive mode.  A scope of "1" limits