content

content copied to clipboard

no_shelllogin_for_systemaccounts is misaligned with DISA

6

#### Description of problem: no_shelllogin_for_systemaccounts is misaligned with DISA #### Details: Needs broader investigation. At the first sight it seems that the SSG check is more complex and allows more...

jan-cerny

Re-enable runtime check on network related sysctls

9

#### Description: - Re-add the syctl runtime checks to test https://github.com/ComplianceAsCode/compliance-operator/pull/497 #### Rationale: - It seems taht when CO's "scanner" pod has "HostNetwork" option set to true, these sysctls are...

yuumasato

OCPBUGS-31510: change the analysis to not include ImageStreamTag

19

#### Description: ImageStreamTag is improperly considered with the rule.yaml #### Rationale: https://issues.redhat.com/browse/OCPBUGS-31510 #### Review Hints: The logic changes are for rhcos4-disa-stig.

prb112

#### Description of problem: After applying remediation for CIS 5.2.3.4 "Ensure events that modify date and time information are collected" it still fails in the CIS Security Assessor. This is...

Mackemania

#### Description of problem: The build process failed to build rhel8 content in lab1 environment. #### SCAP Security Guide Version: Online workshop [5738d71](https://github.com/ComplianceAsCode/content/commit/5738d71191cc04d09a523f72f6cbc185d4bfa0e5) #### Operating System Version: Online workshop ####...

qnfm

#### Share the context The ansible_facts.mounts used on in the task "Ensure non-root local partitions are mounted with nodev option" is using a stale copy of ansible_facts and As this...

msakhwand

[DO NOT MERGE] Testing commit for TF logs workaround

5

#### Description: TF test commit

mildas

OpenSCAP returns warning for rule accounts_password_last_change_is_in_past

2

#### Description of problem: When running the OVAL check for the rule `accounts_password_last_change_is_in_past` this warning is returned: ``` Entity name 'value' from state (id: 'oval:ssg-state_accounts_password_last_change_time_diff:ste:1') not found in item (id:...

mpurg

RHEL-08-010161 and RHEL-09-611205 removing keytab files, breaking sssd (misaligned with DISA)

1

#### Description of problem: https://www.stigviewer.com/stig/red_hat_enterprise_linux_8/2023-09-11/finding/V-230238 The above STIG audits the presence of any keytab files in the location: `/etc/*.keytab` However, this STIG has been revised since 2020 to state that...

GitYukari

Draft: Defined notes and rules for control BSI APP4.4.A17 - APP4.4.A19

7

Description: Notes / Rules for BSI APP4.4.A17 - APP4.4.A19 added. Rationale: As we have multiple customers asking for a BSI profile to be included in the compliance-operator, we are contributing...

benruland