content

content copied to clipboard

[wip] Introduce /static-checks CI also for all Fedora versions

6

#### Description: Re-introduce static-checks, mainly `rpmbuild-ctest`, for all supported Fedora versions. `rpmbuild-ctest` got necessary update related in https://github.com/RHSecurityCompliance/contest/pull/224 Now, it installs recommended packages to enable more unit tests. #### Rationale:...

mildas

#### Description of problem: no_shelllogin_for_systemaccounts, has oval definitions for finding SYS_UID_MIN and SYS_UID_MAX and a couple others, but in the actual generated report, the entirety of /etc/login.defs file is outputted...

MissingThumb

Pattern matching not working correctly for command line

2

Hello, i think the pattern matching should be simply "mfetpd" https://github.com/ComplianceAsCode/content/blob/e6ea793613ea472813ffe59d20e4c23f323da6cc/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/oval/shared.xml#L13 It did not worked with "^mfetpd.*$" personnally. As you can see i have correct output when running the commands...

Hephaisto-dev

Add option to SSGTS to skip templated test scenarios if custom tests are found

1

#### Description of problem: Sometimes templated test scenarios don't cover all possible cases a template can be used. As it's in the case of https://github.com/ComplianceAsCode/content/pull/7405/files#diff-66fb572257ded0d27ec50b0c7c6f8073df416494e02dcbc58a15a50ffefff704 where we can't easily implement...

ggbecker

rhel8 ospp is missing auditd_audispd_syslog_plugin_activated

4

#### Description of problem: The current git version is missing `auditd_audispd_syslog_plugin_activated` in `rhel8/ospp.profile` even though other remote-rsyslog-logging related rules are there. Please add this rule to the profile, it seems...

comps

Defined notes and rules for BSI APP.4.4.A19

9

Description: Notes / Rules for BSI APP4.4.A19 Rationale: As we have multiple customers asking for a BSI profile to be included in the compliance-operator, we are contributing a profile. To...

benruland

Update profile to DISA STIG RHEL 9 V2R1

1

#### Description of problem: The content is misaligned as it currently uses V1R3 of the STIG for RHEL 9. #### Details: The misalignment affects these profiles: STIG, STIG with GUI...

christopher-davidson

Update Ubuntu 22.04 profiles to comply with CIS Benchmark 2.0.0

5

#### Share the context CIS released the benchmark version 2.0.0 for Ubuntu 22.04 on March 2024, leaving the existing profiles in this project outdated. #### Description of problem: Currently the...

uesandiIk

#### Description of problem: bash-fix remediation uses invalid sed syntax for content_rule_kernel_module_usb-storage_disabled. sed replacement must escape the forward `/` in /path/to/file (ie: `/bin/true` should be `\/bin\/true`). Also for consistency, the...

bucs-fan813

Remediating CIS via Ansible on RHEL-10 leads to broken D-BUS

1

#### Description of problem: Unfortunately, I don't have a solution, so the following is just a series of notes from my incomplete investigation. Remediating a pre-built (by CaC/content build system)...

comps