diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faildelay_delay/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faildelay_delay/rule.yml index 8555409a4c7b..9e688e8c6a2a 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faildelay_delay/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faildelay_delay/rule.yml @@ -27,6 +27,7 @@ references: srg: SRG-OS-000480-GPOS-00226 stigid@sle12: SLES-12-010370 stigid@sle15: SLES-15-040010 + stigid@ubuntu2204: UBTU-22-412010 ocil_clause: 'the value of delay is not set properly or the line is commented or missing' diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml index bfd91b32179a..66115569010a 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/rule.yml @@ -19,6 +19,7 @@ references: nist: AC-7 (a) srg: SRG-OS-000021-GPOS-00005 stigid@ol8: OL08-00-020021 + stigid@ubuntu2204: UBTU-22-411045 {{% if product == "rhel8" %}} platform: os_linux[rhel]>=8.2 and package[pam] diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml index 7212a67f9415..6b3b70970904 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml @@ -46,6 +46,7 @@ references: srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 stigid@ol7: OL07-00-010320 stigid@ol8: OL08-00-020011 + stigid@ubuntu2204: UBTU-22-411045 {{% if product == "ol8" %}} platform: os_linux[ol]>=8.2 and package[pam] diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml index e012ebd6b3f3..c347525a91c5 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml @@ -42,6 +42,7 @@ references: srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 stigid@ol7: OL07-00-010320 stigid@ol8: OL08-00-020013 + stigid@ubuntu2204: UBTU-22-411045 {{% if product == "ol8" %}} platform: os_linux[ol]>=8.2 and package[pam] diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml index 4590919e58eb..b549aa236077 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml @@ -28,6 +28,7 @@ identifiers: references: srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 stigid@ol8: OL08-00-020019 + stigid@ubuntu2204: UBTU-22-411045 ocil_clause: 'the system shows messages when three unsuccessful logon attempts occur' diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml index bf6799d6f0f4..5f632fdc99eb 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml @@ -47,6 +47,7 @@ references: srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 stigid@ol7: OL07-00-010320 stigid@ol8: OL08-00-020015 + stigid@ubuntu2204: UBTU-22-411045 {{% if product == "ol8" %}} platform: os_linux[ol]>=8.2 and package[pam] diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/vlock_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/vlock_installed/rule.yml index da1771e5bfff..2c6cb2f5a9f3 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/vlock_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/vlock_installed/rule.yml @@ -40,6 +40,7 @@ references: stigid@ol8: OL08-00-020043 stigid@sle12: SLES-12-010070 stigid@sle15: SLES-15-010110 + stigid@ubuntu2204: UBTU-22-412025 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml index 25e02f369671..e30e4494067d 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml @@ -53,6 +53,7 @@ references: stigid@ol8: OL08-00-020260 stigid@sle12: SLES-12-010340 stigid@sle15: SLES-15-020050 + stigid@ubuntu2204: UBTU-22-411035 ocil_clause: 'the value of INACTIVE is greater than the expected value or is -1' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml index b18ceb489871..8bed88f3828d 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml @@ -47,6 +47,7 @@ references: stigid@ol8: OL08-00-020000,OL08-00-020270 stigid@sle12: SLES-12-010331 stigid@sle15: SLES-15-020061 + stigid@ubuntu2204: UBTU-22-411040 ocil_clause: 'any temporary accounts have no expiration date set or do not expire within 72 hours' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml index 638bb17ea5c8..519ac79951c4 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml @@ -50,6 +50,7 @@ references: stigid@ol8: OL08-00-020200 stigid@sle12: SLES-12-010280 stigid@sle15: SLES-15-020220 + stigid@ubuntu2204: UBTU-22-411030 ocil_clause: 'the "PASS_MAX_DAYS" parameter value is greater than "{{{ xccdf_value("var_accounts_maximum_age_login_defs") }}}", or commented out' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml index 942c30a87863..ab3a1f4bbc97 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml @@ -50,6 +50,7 @@ references: stigid@ol8: OL08-00-020190 stigid@sle12: SLES-12-010260 stigid@sle15: SLES-15-020200 + stigid@ubuntu2204: UBTU-22-411025 ocil_clause: 'the "PASS_MIN_DAYS" parameter value is not "{{{ xccdf_value("var_accounts_minimum_age_login_defs") }}}" or greater, or is commented out' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/ensure_sudo_group_restricted/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/ensure_sudo_group_restricted/rule.yml index 93af476cadea..17bce5a187d0 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/ensure_sudo_group_restricted/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/ensure_sudo_group_restricted/rule.yml @@ -22,6 +22,7 @@ severity: medium references: srg: SRG-OS-000134-GPOS-00068 + stigid@ubuntu2204: UBTU-22-432015 warnings: - general: |- diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_duplicate_uids/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_duplicate_uids/rule.yml index 0c8eee75bd17..236090b97694 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_duplicate_uids/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_duplicate_uids/rule.yml @@ -17,6 +17,7 @@ severity: medium references: srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062 + stigid@ubuntu2204: UBTU-22-411015 warnings: - general: |- diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/prevent_direct_root_logins/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/prevent_direct_root_logins/rule.yml index 30e9b236e2ce..5faabd1aa117 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/prevent_direct_root_logins/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/prevent_direct_root_logins/rule.yml @@ -16,6 +16,7 @@ severity: medium references: srg: SRG-OS-000109-GPOS-00056 + stigid@ubuntu2204: UBTU-22-411010 ocil_clause: 'the output does not contain "L" in the second field' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml index 771b65d58cd3..7250c3a4d6b6 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml @@ -41,6 +41,7 @@ references: stigid@ol8: OL08-00-020024 stigid@sle12: SLES-12-010120 stigid@sle15: SLES-15-020020 + stigid@ubuntu2204: UBTU-22-412020 ocil_clause: |- the "maxlogins" item is missing, commented out, or the value is set greater diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml index 99464727bf99..d1aaea63d067 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -65,6 +65,7 @@ references: stigid@ol7: OL07-00-040160 stigid@sle12: SLES-12-010090 stigid@sle15: SLES-15-010130 + stigid@ubuntu2204: UBTU-22-412030 ocil_clause: 'the TMOUT value is not configured, is set to 0, or is not less than or equal to the expected setting' diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml index 2169d4fa5f9c..ad1524361efd 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml @@ -40,6 +40,7 @@ references: stigid@ol8: OL08-00-020351 stigid@sle12: SLES-12-010620 stigid@sle15: SLES-15-040420 + stigid@ubuntu2204: UBTU-22-412035 ocil_clause: 'the value for the "UMASK" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}", or the "UMASK" parameter is missing or is commented out' diff --git a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml index 7f9bedc1ba60..1c4e111b6856 100644 --- a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml +++ b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml @@ -45,6 +45,7 @@ references: srg: SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000312-GPOS-00124,SRG-OS-000324-GPOS-00125,SRG-OS-000326-GPOS-00126,SRG-OS-000370-GPOS-00155,SRG-OS-000480-GPOS-00230,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232 stigid@sle12: SLES-12-010600 stigid@sle15: SLES-15-010390 + stigid@ubuntu2204: UBTU-22-431015 ocil_clause: 'it is not' diff --git a/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml b/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml index 23cfcbdaaffb..97e471e5fa38 100644 --- a/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml +++ b/linux_os/guide/system/apparmor/package_apparmor_installed/rule.yml @@ -16,6 +16,7 @@ identifiers: references: srg: SRG-OS-000368-GPOS-00154,SRG-OS-000312-GPOS-00122,SRG-OS-000312-GPOS-00123,SRG-OS-000312-GPOS-00124,SRG-OS-000324-GPOS-00125,SRG-OS-000370-GPOS-00155 + stigid@ubuntu2204: UBTU-22-431010 template: name: package_installed diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml index 7a41b181031c..1d098b6bb91c 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/rule.yml @@ -39,6 +39,7 @@ references: stigid@ol8: OL08-00-010381 stigid@sle12: SLES-12-010110 stigid@sle15: SLES-15-010450 + stigid@ubuntu2204: UBTU-22-432010 ocil_clause: "!authenticate is specified in the sudo config files" diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml index 9d78c69d2dc6..afa000652ea8 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/rule.yml @@ -40,6 +40,7 @@ references: stigid@ol8: OL08-00-010380 stigid@sle12: SLES-12-010110 stigid@sle15: SLES-15-010450 + stigid@ubuntu2204: UBTU-22-432011 ocil_clause: 'nopasswd is specified in the sudo config files'