Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pam_faillock rules: show XCCDF variables in rule description #10824

Merged
merged 4 commits into from
Jul 12, 2023
Merged

pam_faillock rules: show XCCDF variables in rule description #10824

merged 4 commits into from
Jul 12, 2023

Conversation

vojtapolasek
Copy link
Collaborator

Description:

Modify following rules so that XCCDF variable which is used in their checks and remediations is displayed in the description:

  • accounts_passwords_pam_faillock_deny
  • accounts_passwords_pam_faillock_interval
  • accounts_passwords_pam_faillock_dir
  • accounts_passwords_pam_faillock_unlock_time

Rationale:

It improves customer experience. Previously, when reading the guide, an administrator could not find out what configuration value is actually correct.

Review Hints:

  1. ./build_product rhel7 rhel8 rhel9
  2. review HTML guides and verify that the appropriate variable is shown in the description section. I recommend reviewing the STIG guide.

@vojtapolasek vojtapolasek added bugfix Fixes to reported bugs. usability Enhancements related to usability. Update Rule Issues or pull requests related to Rules updates. STIG STIG Benchmark related. labels Jul 12, 2023
@vojtapolasek vojtapolasek added this to the 0.1.69 milestone Jul 12, 2023
@github-actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate
Copy link

codeclimate bot commented Jul 12, 2023

Code Climate has analyzed commit ccafa26 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 53.5% (0.0% change).

View more on Code Climate.

@marcusburghardt marcusburghardt self-assigned this Jul 12, 2023
marcusburghardt
marcusburghardt approved these changes Jul 12, 2023
View reviewed changes
Copy link
Member

@marcusburghardt marcusburghardt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The information is clear and accurate according to the variable values in the profile. I only noticed the RHEL9 is using deprecated versions of faillock rules. But this doesn't need to be updated in this PR.

@marcusburghardt marcusburghardt merged commit ca444cf into ComplianceAsCode:master Jul 12, 2023
28 of 30 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcusburghardt marcusburghardt marcusburghardt approved these changes

Assignees

@marcusburghardt marcusburghardt

Labels
bugfix Fixes to reported bugs. STIG STIG Benchmark related. Update Rule Issues or pull requests related to Rules updates. usability Enhancements related to usability.
Projects
None yet
Milestone
0.1.69
Development

Successfully merging this pull request may close these issues.
2 participants
@vojtapolasek @marcusburghardt