Make possible to use gid options while mounting /proc with hideproc

roles/common/defaults/main.yml

@@ -22,7 +22,9 @@ with_auto_upgrade: False
 with_logcheck: False
 with_rkhunter: False
 with_chkrootkit: False
+
 with_hideproc: False
+hideproc_gid: ''
 
 with_firewall: False
 firewall_public:

roles/common/tasks/security.yml

@@ -77,4 +77,10 @@
   lineinfile: dest=/etc/fstab regexp='(^proc\s+/proc\s+proc\s+)(\S+)(\s+[0-9]\s+[0-9])\s*$' line='\1defaults,hidepid=2\3' backrefs=yes
   notify:
       - Remount /proc
-  when: with_hideproc
+  when: with_hideproc and hideproc_gid == ''
+
+- name: Update fstab to hide pids from /proc with group id (gid)
+  lineinfile: dest=/etc/fstab regexp='(^proc\s+/proc\s+proc\s+)(\S+)(\s+[0-9]\s+[0-9])\s*$' line='\1defaults,hidepid=2,gid={{hideproc_gid}}\3' backrefs=yes
+  notify:
+      - Remount /proc
+  when: with_hideproc and hideproc_gid != ''