rpms / scap-security-guide

Clone
Source Code
GIT

Files

  1.   c957b4e696e5ecf0a69844b2dd37d073e4d34868
  2.   SOURCES
  3.   scap-security-guide-0.1.50-audit_login_events_references_PR_5296.patch
Blob Blame History Raw 
From f1889f8d92324bea16a6f41726ec0bbca52ef0f2 Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Mon, 16 Mar 2020 17:34:12 +0100
Subject: [PATCH 1/2] Select rules for audit login events

---
 .../audit_login_events/audit_rules_login_events/rule.yml   | 1 -
 .../audit_rules_login_events_faillock/rule.yml             | 1 +
 .../audit_rules_login_events_lastlog/rule.yml              | 2 +-
 4 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
index 45367cf313..0a9a73caac 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
@@ -34,7 +34,6 @@ identifiers:
 references:
     nist@rhel6: AC-3(10)
     nist-csf@rhel6: PR.AC-4,PR.AC-6,PR.PT-3
-    cis: 5.2.8
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: 172,2884
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
index 4d2af18816..257e99fb48 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -31,6 +31,7 @@ identifiers:
 
 references:
     cis: 5.2.8
+    cis@rhel8: 4.1.4
     cui: 3.1.7
     disa: 172,2884,126
     hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e)
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
index 355004ae98..7400d6a0d3 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -30,7 +30,7 @@ identifiers:
     cce@ocp4: 82584-4
 
 references:
-    cis: 5.2.8
+    cis@rhel8: 4.1.4
     cui: 3.1.7
     disa: 172,2884,126
     hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e)

From a6d171b6fcea7042b17e07b2e8598c5523d92f28 Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Thu, 19 Mar 2020 11:44:51 +0100
Subject: [PATCH 2/2] Add RHEL7 CIS references for login events rules

---
 .../audit_rules_login_events_faillock/rule.yml                  | 2 +-
 .../audit_rules_login_events_lastlog/rule.yml                   | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
index 257e99fb48..eacab5f522 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -30,7 +30,7 @@ identifiers:
     cce@ocp4: 82583-6
 
 references:
-    cis: 5.2.8
+    cis@rhel7: 4.1.8
     cis@rhel8: 4.1.4
     cui: 3.1.7
     disa: 172,2884,126
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
index 7400d6a0d3..7fce76ab02 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -30,6 +30,7 @@ identifiers:
     cce@ocp4: 82584-4
 
 references:
+    cis@rhel7: 4.1.8
     cis@rhel8: 4.1.4
     cui: 3.1.7
     disa: 172,2884,126

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation