content

content copied to clipboard

Defined notes and rules for BSI APP.4.4.A18

6

Description: Notes / Rules for BSI APP4.4.A17 Rationale: As we have multiple customers asking for a BSI profile to be included in the compliance-operator, we are contributing a profile. To...

benruland

Defined notes and rules for BSI APP.4.4.A17

5

Description: Notes / Rules for BSI APP4.4.A17 Rationale: As we have multiple customers asking for a BSI profile to be included in the compliance-operator, we are contributing a profile. To...

benruland

BSI APP.4.4.A14+A15

6

#### Description: To check against BSI APP4.4.A14 this PR adds a new rule master_taint_noschedule. This rule checks, if the masters taint is set on master nodes. As we never know...

sluetze

Add Notes and Controls for SYS.1.6.A1-A4

5

#### Description: This PR implements mostly notes and reuses some existing rules. #### Rationale: Customer asked for BSI Profile #### Review Hints: Currently the build is broken due to reference_type...

sluetze

ANSSI BP28 - R28 Misalignments in RHEL 9 Profile

1

#### Description of problem: ANSSI BP28 - R28 Misalignments in RHEL 9 Profile #### Details: This content is not aligned with content from [CONFIGURATION RECOMMENDATIONS OF A GNU/LINUX SYSTEM](https://cyber.gouv.fr/sites/default/files/document/linux_configuration-en-v2.pdf) The...

jlemangarin

Remediating `ospp` on RHEL-10 results in sshd refusing connections

3

#### Description of problem: ``` oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_ospp --progress --report remediation.html --remediate remediation-ds.xml ``` results in a system that boots, but when I try to ssh into it,...

comps

Some systemd rules fail after kickstart installation

2

#### Description of problem: The kickstart remediations provide a way a way to enable and disable systemd services but we don't have a way to enable and disable systemd sockets...

jan-cerny

#### Description of problem: Rule accounts_password_pam_retry fails after kickstart installation of RHEL 9.4 with STIG profile and various other profiles. #### SCAP Security Guide Version: current upstream master branch as...

jan-cerny

#### Description of problem: Rule firewalld_sshd_port_enabled fails after kickstart installation of RHEL 9.4 with STIG profile and various other profiles. First problem is that the rule doesn't have a kickstart...

jan-cerny

Allow and use UUIDs for mount options and point remedations

2

#### Share the context RHEL (and other distros) by default use UUIDs to identify partitions and disks `/etc/fstab` this allows the system to be resilient and able to adapt to...

Mab879