hardening: use default ptrace scope on buildservers

Making 'kernel.yama.ptrace_scope' more strict by setting it to '2' causes failures in elfutils' test suite. While tentatively helpful on other servers, it seems kind of unnecessary for a build server.

Fixes: #424 (closed) (to be reopened though, if more restrictions are found)

roles/hardening/tasks/main.yml

@@ -7,6 +7,7 @@
 
 - name: set ptrace scope, restrict ptrace to CAP_SYS_PTRACE
   copy: src=50-ptrace-restrict.conf dest=/etc/sysctl.d/50-ptrace-restrict.conf owner=root group=root mode=0644
+  when: "'buildservers' not in group_names"
   notify:
     - apply sysctl settings