rpms / scap-security-guide

Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.58-rhel7_stig_add_two_grub_rules-PR_7438.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   e3b0486f8f57940693b114708b09181a28621550
  2.   SOURCES
  3.   scap-security-guide-0.1.58-rhel7_stig_add_two_grub_rules-PR_7438.patch
Blob History Raw
9be3b2 
From 172f8632d201380af3c8d4c65883cdb204244e35 Mon Sep 17 00:00:00 2001
9be3b2 
From: Matthew Burket <mburket@redhat.com>
9be3b2 
Date: Fri, 20 Aug 2021 13:21:16 -0500
9be3b2 
Subject: [PATCH] Update existing rules for RHEL-07-010492 and RHEL-07-010482
9be3b2
9be3b2 
---
9be3b2 
 .../bootloader-grub2/non-uefi/grub2_admin_username/rule.yml     | 2 +-
9be3b2 
 .../bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml    | 2 +-
9be3b2 
 products/rhel7/profiles/stig.profile                            | 2 ++
9be3b2 
 3 files changed, 4 insertions(+), 2 deletions(-)
9be3b2
9be3b2 
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
9be3b2 
index bb2f1bae21c..915d8f546df 100644
9be3b2 
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
9be3b2 
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
9be3b2 
@@ -48,7 +48,7 @@ references:
9be3b2 
     ospp: FIA_UAU.1
9be3b2 
     srg: SRG-OS-000080-GPOS-00048
9be3b2 
     stigid@ol7: OL07-00-010480
9be3b2 
-    stigid@rhel7: RHEL-07-010480
9be3b2 
+    stigid@rhel7: RHEL-07-010483
9be3b2 
     stigid@rhel8: RHEL-08-010149
9be3b2
9be3b2 
 ocil_clause: 'it does not'
9be3b2 
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
9be3b2 
index 128d7cc1cb8..d81727fa7b9 100644
9be3b2 
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
9be3b2 
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
9be3b2 
@@ -55,7 +55,7 @@ references:
9be3b2 
     ospp: FIA_UAU.1
9be3b2 
     srg: SRG-OS-000080-GPOS-00048
9be3b2 
     stigid@ol7: OL07-00-010490
9be3b2 
-    stigid@rhel7: RHEL-07-010490
9be3b2 
+    stigid@rhel7: RHEL-07-010492
9be3b2 
     stigid@rhel8: RHEL-08-010141
9be3b2
9be3b2 
 ocil_clause: 'it does not'
9be3b2 
diff --git a/products/rhel7/profiles/stig.profile b/products/rhel7/profiles/stig.profile
9be3b2 
index 67e22982cd1..f073da46836 100644
9be3b2 
--- a/products/rhel7/profiles/stig.profile
9be3b2 
+++ b/products/rhel7/profiles/stig.profile
9be3b2 
@@ -113,8 +113,10 @@ selections:
9be3b2 
     - gnome_gdm_disable_guest_login
9be3b2 
     - sshd_do_not_permit_user_env
9be3b2 
     - disable_host_auth
9be3b2 
+    - grub2_admin_username
9be3b2 
     - grub2_password
9be3b2 
     - require_singleuser_auth
9be3b2 
+    - grub2_uefi_admin_username
9be3b2 
     - grub2_uefi_password
9be3b2 
     - smartcard_auth
9be3b2 
     - package_rsh-server_removed

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation