Controls associated with the auditd.rules are failing because -F perm=x is not added #452

Open
prestonSeaman2 opened this issue Feb 5, 2024 · 1 comment

prestonSeaman2 commented Feb 5, 2024

Describe the Issue
The affected controls are failing now because they added -F perm=x back into the security requirements for the RHEL 7 STIG.
Looks like they were removed in 2018 and have recently been added back.

Expected Behavior
In the affected controls -F perm=x should be set

Actual Behavior
In the affected controls -F perm=x is not being set.

Control(s) Affected
RHEL-07-030560
RHEL-07-030570
RHEL-07-030580
RHEL-07-030590
RHEL-07-030630
RHEL-07-030640
RHEL-07-030650
RHEL-07-030660
RHEL-07-030670
RHEL-07-030680
RHEL-07-030690
RHEL-07-030710
RHEL-07-030720
RHEL-07-030740
RHEL-07-030750
RHEL-07-030760
RHEL-07-030770
RHEL-07-030780
RHEL-07-030800
RHEL-07-030810

Possible Solution
-F perm=x should be added to the 99_auditd.rules.j2 file at each control listed above.
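
One way to check a rendered rules file for the gap described in this issue, as an added example that is not part of the issue or the role's code. It assumes the affected rules are path-based `-a always,exit -F path=...` entries; the function names and the sample rules are constructed for illustration.

```python
import re
import shlex

# auditctl -F field syntax: name, comparison operator, value.
FIELD_RE = re.compile(r"^([A-Za-z0-9_]+)(!=|>=|<=|&=|=|>|<|&)(.*)$")

# Constructed sample rules, not taken from the role's 99_auditd.rules.j2 template.
SAMPLE_RULES = """\
# constructed sample
-a always,exit -F path=/usr/bin/passwd -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
-a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
-a always,exit -F path=/usr/bin/chsh -F perm=wa -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
-a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=4294967295 -k perm_mod
-w /etc/passwd -p wa -k identity
"""


def parse_fields(tokens):
    """Return {name: (operator, value)} for every '-F name<op>value' pair."""
    fields = {}
    for flag, arg in zip(tokens, tokens[1:]):
        if flag == "-F":
            match = FIELD_RE.match(arg)
            if match:
                fields[match.group(1)] = (match.group(2), match.group(3))
    return fields


def missing_exec_filter(rules_text):
    """List (line_no, path) for path-based exit rules whose perm filter lacks x."""
    findings = []
    for line_no, raw in enumerate(rules_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)
        if "-a" not in tokens[:-1]:
            continue  # file watches (-w) and control lines are out of scope
        action = set(tokens[tokens.index("-a") + 1].split(","))
        if action != {"always", "exit"}:
            continue
        fields = parse_fields(tokens)
        if "path" not in fields:
            continue  # syscall-only rules do not take the perm=x filter here
        perm = fields.get("perm")
        if perm is None or perm[0] != "=" or "x" not in perm[1]:
            findings.append((line_no, fields["path"][1]))
    return findings


if __name__ == "__main__":
    for line_no, path in missing_exec_filter(SAMPLE_RULES):
        print(f"line {line_no}: {path} has no -F perm=x")
```

A rule with `perm=wa` is reported as well, because it records writes and attribute changes but not execution of the command.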

uk-bolly self-assigned this Mar 5, 2024
uk-bolly added a commit that referenced this issue Mar 5, 2024
Signed-off-by: Mark Bolwell <[email protected]>
uk-bolly mentioned this issue Mar 5, 2024
uk-bolly added a commit that referenced this issue Mar 6, 2024
* issue #452 addressed

* issue #453 addressed

* updated for galaxy_ng reqs

---------

Signed-off-by: Mark Bolwell <[email protected]>
uk-bolly added a commit that referenced this issue Mar 6, 2024
* Specify missing state parameter for package

Signed-off-by: Anže Luzar <[email protected]>

* Correct with_items indentation for package

Signed-off-by: Anže Luzar <[email protected]>

* Replace inline strings with module parameters

Signed-off-by: Anže Luzar <[email protected]>

* updated link

Signed-off-by: Mark Bolwell <[email protected]>

* lint updates

Signed-off-by: Mark Bolwell <[email protected]>

* removed old

Signed-off-by: Mark Bolwell <[email protected]>

* added new defined secrets file

Signed-off-by: Mark Bolwell <[email protected]>

* added precommit

Signed-off-by: Mark Bolwell <[email protected]>

* lint updates

Signed-off-by: Mark Bolwell <[email protected]>

* updated

Signed-off-by: Mark Bolwell <[email protected]>

* added pragma allow list

Signed-off-by: Mark Bolwell <[email protected]>

* updated due to galaxy changes

Signed-off-by: Mark Bolwell <[email protected]>

* moved file

Signed-off-by: Mark Bolwell <[email protected]>

* updated path

Signed-off-by: Mark Bolwell <[email protected]>

* removed quality badge since galaxy-ng

Signed-off-by: Mark Bolwell <[email protected]>

* Adding additional condition for rhel7stig_grub2_user_cfg for task

Signed-off-by: layluke <[email protected]>

* updated the workflow version and galaxy setup

Signed-off-by: Mark Bolwell <[email protected]>

* removed file

Signed-off-by: Mark Bolwell <[email protected]>

* updated

Signed-off-by: Mark Bolwell <[email protected]>

* updated

Signed-off-by: Mark Bolwell <[email protected]>

* lint update

Signed-off-by: Mark Bolwell <[email protected]>

* fix typo

Signed-off-by: Mark Bolwell <[email protected]>

* rhel7stig_boot_part variable now discovered

Signed-off-by: Mark Bolwell <[email protected]>

* tidy up of rhel7stig_boot_part variable

Signed-off-by: Mark Bolwell <[email protected]>

* changed logic on 20620

Signed-off-by: Mark Bolwell <[email protected]>

* updated logic for uuid

Signed-off-by: Mark Bolwell <[email protected]>

* removed extra line

Signed-off-by: Mark Bolwell <[email protected]>

* removed doc dir

Signed-off-by: Mark Bolwell <[email protected]>

* [pre-commit.ci] pre-commit autoupdate

updates:
- [github.com/gitleaks/gitleaks: v8.18.0 → v8.18.1](gitleaks/gitleaks@v8.18.0...v8.18.1)
- [github.com/ansible-community/ansible-lint: v6.21.1 → v6.22.2](ansible/ansible-lint@v6.21.1...v6.22.2)
- [github.com/adrienverge/yamllint.git: v1.32.0 → v1.33.0](https://github.com/adrienverge/yamllint.git/compare/v1.32.0...v1.33.0)

* Issue #446 tag update to always - thanks to @prestonSeaman2

Signed-off-by: Mark Bolwell <[email protected]>

* conditional updated 021000 & 021010 #448 thanks @erosen03

Signed-off-by: Mark Bolwell <[email protected]>

* [pre-commit.ci] pre-commit autoupdate (#451)

updates:
- [github.com/gitleaks/gitleaks: v8.18.1 → v8.18.2](gitleaks/gitleaks@v8.18.1...v8.18.2)
- [github.com/ansible-community/ansible-lint: v6.22.2 → v24.2.0](ansible/ansible-lint@v6.22.2...v24.2.0)
- [github.com/adrienverge/yamllint.git: v1.33.0 → v1.34.0](https://github.com/adrienverge/yamllint.git/compare/v1.33.0...v1.34.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* [pre-commit.ci] pre-commit autoupdate (#454)

updates:
- [github.com/adrienverge/yamllint.git: v1.34.0 → v1.35.1](https://github.com/adrienverge/yamllint.git/compare/v1.34.0...v1.35.1)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* Feb 24 updates (#455)

* issue #452 addressed

* issue #453 addressed

* updated for galaxy_ng reqs

---------

Signed-off-by: Mark Bolwell <[email protected]>

---------

Signed-off-by: Anže Luzar <[email protected]>
Signed-off-by: Mark Bolwell <[email protected]>
Signed-off-by: layluke <[email protected]>
Signed-off-by: uk-bolly <[email protected]>
Co-authored-by: Anže Luzar <[email protected]>
Co-authored-by: layluke <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

uk-bolly (Member) commented

Hi @prestonSeaman2

I believe this has now been merged, if you are happy the issue has been addressed we can close this issue?

Many thanks

uk-bolly
