RHEL8-CIS icon indicating copy to clipboard operation
RHEL8-CIS copied to clipboard

Published 20 hours ago verified publisher icon ansible-lockdown

Metadata

Ansible role for Red Hat 8 CIS Baseline

Results 32 RHEL8-CIS issues
Sort by recently updated
recently updated
newest added

updated workflows

Signed-off-by: Mark Bolwell **Overall Review of Changes:** Workflow update **How has this been tested?:** Manually

uk-bolly avatar uk-bolly

Package discrepency report is too noisy (maybe?)

1 comment

**Describe the Issue** At the end of a run the following output is collected: ``` rpm -Va --nomtime --nosize --nomd5 --nolinkto ``` This reports a lot of interesting information, however,...

Thulium-Drake avatar Thulium-Drake

bug

Validate all variables in default/main.yml are still required

**Summary of Request** Tidy up of defaults/main.yml legacy variables still exist including ssh ciphers etc **Suggested Code** Tidy up the variables

uk-bolly avatar uk-bolly

enhancement

5.6.5 - umask settings

**Describe the Issue** control 5.6.5 has many options and ways listed **Expected Behavior** /etc/login.defs and all /etc/profile.d/*sh files **Actual Behavior** some are being resolved more to do **Control(s) Affected** 5.6.5...

uk-bolly avatar uk-bolly

bug

Section 1.1.7.4 - 1.1.7.5

2 comment

**Question** Shouldn't there be more todo than just adding userquota and groupquota? According to the CIS Benchmark document following steps are taken: * add boot option * remount * create...

flwitten avatar flwitten

question

Hide userlist in GDM, is that a control?

2 comment

**Question** While looking into the rules for GDM (to debug a different issue) the following question arose: Why doesn't GDM hide all users that previously logged in? Is that simply...

Thulium-Drake avatar Thulium-Drake

question

Chrony configuration is customized for Debian, not RHEL8

**Describe the Issue** Paths in templates/chrony.conf.j2 doesn't match paths for RHEL8. Other parameters should also be inspected to make sure they're customized for RHEL8 (https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/using-chrony_configuring-basic-system-settings). **Expected Behavior** Path to `chrony.keys`...

OscarElits avatar OscarElits

bug

Alternate implementation for #225

**Overall Review of Changes:** Alternate for #225 **Issue Fixes:** Please list (using linking) any open issues this PR addresses **Enhancements:** Alternate for #225 **How has this been tested?:** N/A

Thulium-Drake avatar Thulium-Drake

Reworked auditd tasks into a more universal version

**Overall Review of Changes:** I reworked the separate tasks that configure different keys for auditd into a version that will allow for easy extensibility. This can also allow users to...

Thulium-Drake avatar Thulium-Drake

rsyslogd: unknown priority name "emrg" [v8.2102.0-15.el8]

https://github.com/ansible-lockdown/RHEL8-CIS/blob/79cdd222dcd17def9a22ddb932d858bae27867e7/tasks/section_4/cis_4.2.1.x.yml#L130 [docs](https://www.rsyslog.com/doc/configuration/examples.html#selector-lines)

bbaassssiiee avatar bbaassssiiee

Metadata

247
Stars
156
Forks
Watchers

Owner

verified publisher icon ansible-lockdown

Metadata

Ansible role for Red Hat 8 CIS Baseline

Back