Eduardo Barretto
Eduardo Barretto
Anyone feel free to correct me here, but I believe at this point SCAP v2 has been discarded by NIST, who has been focusing on OSCAL instead
@hipponix do not merge master into your feature branch, that creates unnecessary commits, please rebase your branch instead
/packit build
> It seems there are issues in the `controls/cis_al2023.yml` file in this PR. The file seems to be copied from RHEL 9, and the titles and section numbers are not...
@PiRomant do you have `libpam-pwquality` installed?
> There is no `libpam-pwquality` after running the script [#12074 (comment)](https://github.com/ComplianceAsCode/content/issues/12074#issuecomment-2195994583). Try installing it, it is part of the whole CIS 5.4.1 solution. Does it solve your issue?
> Yes, it helps. After installing `libpam-pwqualit`, none of the remediation below break `passwd`. However, password restrictions do not apply to root. Root can set a weak password for anyone....
> Yes, and this both now in CIS v2. > > [CIS_Ubuntu_Linux_22.04_LTS_Benchmark_v2.0.0_5.3.1.3 Ensure libpam-pwquality is installed](https://github.com/user-attachments/files/16070872/CIS_Ubuntu_Linux_22.04_LTS_Benchmark_v2.0.0_5.3.1.3.pdf) [CIS_Ubuntu_Linux_22.04_LTS_Benchmark_v2.0.0_5.3.3.2.8 Ensure password quality is enforced for the root user ](https://github.com/user-attachments/files/16070809/CIS_Ubuntu_Linux_22.04_LTS_Benchmark_v2.0.0_5.3.3.2.8.pdf) the ubuntu profile...
Since this is not an issue I'm closing it.