I have two different systems, rhel7 and rhel9. I've been curiously looking at CIS benchmarks for both of these. However, when it comes to disable kernel modules I get confused.
When I look at CIS for rhle7 they advice to put install <MODULE> /bin/true in a modprobe.d/<MODULE> file.
For RHEL9 it seems to be install <MODULE> /bin/false. However, if I look at ansible-lockdown on Github for inspiration they use following option for Rhel9: install <MODULE> /bin/true (Ansible-lockdown)
Please help me understand the difference and what's the correct usage.
