Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Align RHEL 8 CIS control file with CIS v3.0.0 - Section 6 #11462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Jan 23, 2024
Merged

Align RHEL 8 CIS control file with CIS v3.0.0 - Section 6 #11462

merged 28 commits into from
Jan 23, 2024

Conversation

jan-cerny
Copy link
Collaborator

Description:

In this PR, we change the control file, change references, add existing rules. But, we don't add new rules, and we don't modify other content.
Align RHEL 8 CIS control file with CIS v3.0.0 - Section 6.

@jan-cerny jan-cerny added Update Profile Issues or pull requests related to Profiles updates. RHEL8 Red Hat Enterprise Linux 8 product related. CIS CIS Benchmark related. labels Jan 22, 2024
@jan-cerny jan-cerny added this to the 0.1.72 milestone Jan 22, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 22, 2024

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label Jan 22, 2024
@github-actions GitHub Actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@qlty-cloud-legacy Qlty Cloud (Legacy)
Copy link

Code Climate has analyzed commit 2981f85 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 58.5% (0.0% change).

View more on Code Climate.

@jan-cerny jan-cerny marked this pull request as ready for review January 22, 2024 15:16
@jan-cerny jan-cerny requested a review from a team as a code owner January 22, 2024 15:16
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Used by openshift-ci bot. label Jan 22, 2024
@Mab879 Mab879 self-assigned this Jan 23, 2024
Mab879
Mab879 approved these changes Jan 23, 2024
View reviewed changes
Copy link
Member

@Mab879 Mab879 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

The Fedora Rawhide failures are expected and can be waived.

controls/cis_rhel8.yml

- id: 6.1.5
- id: 6.1.3
title: Ensure permissions on /etc/security/opasswd are configured (Automated)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will note the this is a deviation from the benchmark, but I think it makes sense.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, the description is ok but the title is not correct in the policy. I saw it was already updated for a future release: https://workbench.cisecurity.org/sections/2299710/recommendations/3684693

@Mab879 Mab879 merged commit 75da806 into ComplianceAsCode:master Jan 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcusburghardt marcusburghardt marcusburghardt left review comments

@Mab879 Mab879 Mab879 approved these changes

Assignees

@Mab879 Mab879

Labels
CIS CIS Benchmark related. RHEL8 Red Hat Enterprise Linux 8 product related. Update Profile Issues or pull requests related to Profiles updates.
Projects
None yet
Milestone
0.1.72
Development

Successfully merging this pull request may close these issues.
3 participants
@jan-cerny @Mab879 @marcusburghardt