diff --git a/controls/anssi.yml b/controls/anssi.yml index ea88b22c4b38..90b391564ffb 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml @@ -1479,6 +1479,7 @@ controls: - ensure_logrotate_activated # Based on DAT-PA-012 R26, R27 + - rsyslog_filecreatemode - rsyslog_files_ownership - rsyslog_files_groupownership - rsyslog_files_permissions diff --git a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml index 542b3a3dc7ac..099ba0562110 100644 --- a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml @@ -16,6 +16,7 @@ severity: medium identifiers: cce@rhel8: CCE-88321-5 cce@rhel9: CCE-88322-3 + cce@rhel10: CCE-88611-9 cce@sle15: CCE-92599-0 ocil_clause: '$FileCreateMode is not set or is more permissive than 0640' diff --git a/products/rhel10/controls/cis_rhel10.yml b/products/rhel10/controls/cis_rhel10.yml index 0f3c88e5d532..7934783772be 100644 --- a/products/rhel10/controls/cis_rhel10.yml +++ b/products/rhel10/controls/cis_rhel10.yml @@ -2494,8 +2494,8 @@ controls: levels: - l1_server - l1_workstation - status: supported - related_rules: + status: automated + rules: - rsyslog_filecreatemode - id: 6.2.3.5 diff --git a/products/rhel10/controls/nist_800_53/ac.yml b/products/rhel10/controls/nist_800_53/ac.yml index 176ca70437b2..35774c93d3fe 100644 --- a/products/rhel10/controls/nist_800_53/ac.yml +++ b/products/rhel10/controls/nist_800_53/ac.yml @@ -207,6 +207,7 @@ controls: - package_libselinux_installed - package_mcstrans_removed - package_setroubleshoot_removed + - rsyslog_filecreatemode - rsyslog_files_groupownership - rsyslog_files_ownership - rsyslog_files_permissions diff --git a/products/rhel9/controls/cis_rhel9.yml b/products/rhel9/controls/cis_rhel9.yml index 9f8119e996b0..7ef265daaba1 100644 --- a/products/rhel9/controls/cis_rhel9.yml +++ b/products/rhel9/controls/cis_rhel9.yml 
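Review bot: The `- rsyslog_filecreatemode` line added to controls/anssi.yml may reach products that have no identifier for the rule. This control file is not product-specific, while the rule.yml hunk in this commit shows CCEs only for rhel8, rhel9, rhel10 and sle15, and the stability data is refreshed only for rhel8, rhel9 and rhel10. Whether any other product builds an ANSSI profile from this file is not visible here, so that is worth confirming before merge. The entry also lands directly under `# Based on DAT-PA-012 R26, R27`; if the creation mode is not drawn from those recommendations, give it its own comment, e.g. `# Mode of newly created log files`. The enclosing control starts and ends outside the hunk.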
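Review bot: Promoting the control to `status: automated` in products/rhel10/controls/cis_rhel10.yml (and identically in the products/rhel9/controls/cis_rhel9.yml hunk) leaves the scope of its single rule, `rsyslog_filecreatemode`, undocumented. The rule's clause visible in rule.yml speaks only of `$FileCreateMode`, which governs files rsyslog creates from then on and does not tighten logs that already exist. Whether the check also evaluates a `FileCreateMode` set on an individual omfile action is not visible here. I would add a `notes:` line to both controls stating that scope, e.g. `notes: Covers the global $FileCreateMode directive; existing log files are handled by rsyslog_files_permissions.` The control's `id:` and title lie outside both hunks.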
@@ -2428,8 +2428,8 @@ controls: levels: - l1_server - l1_workstation - status: supported - related_rules: + status: automated + rules: - rsyslog_filecreatemode - id: 6.2.3.5 diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt index 7c9d4b0fba07..36ab2f268c97 100644 --- a/shared/references/cce-redhat-avail.txt +++ b/shared/references/cce-redhat-avail.txt @@ -1078,7 +1078,6 @@ CCE-88607-7 CCE-88608-5 CCE-88609-3 CCE-88610-1 -CCE-88611-9 CCE-88612-7 CCE-88614-3 CCE-88615-0 diff --git a/tests/data/profile_stability/rhel10/anssi_bp28_enhanced.profile b/tests/data/profile_stability/rhel10/anssi_bp28_enhanced.profile index 4176a5e92ba5..75fe3a974d71 100644 --- a/tests/data/profile_stability/rhel10/anssi_bp28_enhanced.profile +++ b/tests/data/profile_stability/rhel10/anssi_bp28_enhanced.profile @@ -230,6 +230,7 @@ partition_for_var_log_audit partition_for_var_tmp postfix_client_configure_mail_alias postfix_network_listening_disabled +rsyslog_filecreatemode rsyslog_files_groupownership rsyslog_files_ownership rsyslog_files_permissions diff --git a/tests/data/profile_stability/rhel10/anssi_bp28_high.profile b/tests/data/profile_stability/rhel10/anssi_bp28_high.profile index 9d832289398b..586715f02b9f 100644 --- a/tests/data/profile_stability/rhel10/anssi_bp28_high.profile +++ b/tests/data/profile_stability/rhel10/anssi_bp28_high.profile @@ -296,6 +296,7 @@ partition_for_var_log_audit partition_for_var_tmp postfix_client_configure_mail_alias postfix_network_listening_disabled +rsyslog_filecreatemode rsyslog_files_groupownership rsyslog_files_ownership rsyslog_files_permissions diff --git a/tests/data/profile_stability/rhel10/cis.profile b/tests/data/profile_stability/rhel10/cis.profile index 16b906d26aa1..9b1484d50b7c 100644 --- a/tests/data/profile_stability/rhel10/cis.profile +++ b/tests/data/profile_stability/rhel10/cis.profile 
@@ -360,6 +360,7 @@ partition_for_var_log_audit
 partition_for_var_tmp
 postfix_network_listening_disabled
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel10/cis_server_l1.profile b/tests/data/profile_stability/rhel10/cis_server_l1.profile
index 1503013f7fdb..2a6f0c47e9c8 100644
--- a/tests/data/profile_stability/rhel10/cis_server_l1.profile
+++ b/tests/data/profile_stability/rhel10/cis_server_l1.profile
@@ -254,6 +254,7 @@ partition_for_dev_shm
 partition_for_tmp
 postfix_network_listening_disabled
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel10/cis_workstation_l1.profile b/tests/data/profile_stability/rhel10/cis_workstation_l1.profile
index 600a6fa6564c..37fc3d7a6b29 100644
--- a/tests/data/profile_stability/rhel10/cis_workstation_l1.profile
+++ b/tests/data/profile_stability/rhel10/cis_workstation_l1.profile
@@ -249,6 +249,7 @@ partition_for_dev_shm
 partition_for_tmp
 postfix_network_listening_disabled
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel10/cis_workstation_l2.profile b/tests/data/profile_stability/rhel10/cis_workstation_l2.profile
index 6bb02b7348bb..258ad3f27158 100644
--- a/tests/data/profile_stability/rhel10/cis_workstation_l2.profile
+++ b/tests/data/profile_stability/rhel10/cis_workstation_l2.profile
@@ -357,6 +357,7 @@ partition_for_var_log_audit
 partition_for_var_tmp
 postfix_network_listening_disabled
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel8/anssi_bp28_enhanced.profile b/tests/data/profile_stability/rhel8/anssi_bp28_enhanced.profile
index 35e15bbc8037..6a0685453819 100644
--- a/tests/data/profile_stability/rhel8/anssi_bp28_enhanced.profile
+++ b/tests/data/profile_stability/rhel8/anssi_bp28_enhanced.profile
@@ -239,6 +239,7 @@ partition_for_var_tmp
 postfix_client_configure_mail_alias
 postfix_network_listening_disabled
 prefer_64bit_os
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel8/anssi_bp28_high.profile b/tests/data/profile_stability/rhel8/anssi_bp28_high.profile
index 254ca9664f2d..4e8596d136ad 100644
--- a/tests/data/profile_stability/rhel8/anssi_bp28_high.profile
+++ b/tests/data/profile_stability/rhel8/anssi_bp28_high.profile
@@ -309,6 +309,7 @@ partition_for_var_tmp
 postfix_client_configure_mail_alias
 postfix_network_listening_disabled
 prefer_64bit_os
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/anssi_bp28_enhanced.profile b/tests/data/profile_stability/rhel9/anssi_bp28_enhanced.profile
index 85ccdf65507a..584aee84ed4b 100644
--- a/tests/data/profile_stability/rhel9/anssi_bp28_enhanced.profile
+++ b/tests/data/profile_stability/rhel9/anssi_bp28_enhanced.profile
@@ -223,6 +223,7 @@ partition_for_var_tmp
 postfix_client_configure_mail_alias
 postfix_network_listening_disabled
 prefer_64bit_os
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/anssi_bp28_high.profile b/tests/data/profile_stability/rhel9/anssi_bp28_high.profile
index b09566249264..03bb2f161e23 100644
--- a/tests/data/profile_stability/rhel9/anssi_bp28_high.profile
+++ b/tests/data/profile_stability/rhel9/anssi_bp28_high.profile
@@ -297,6 +297,7 @@ partition_for_var_tmp
 postfix_client_configure_mail_alias
 postfix_network_listening_disabled
 prefer_64bit_os
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/cis.profile b/tests/data/profile_stability/rhel9/cis.profile
index 98e91fb0c691..466c9cd82035 100644
--- a/tests/data/profile_stability/rhel9/cis.profile
+++ b/tests/data/profile_stability/rhel9/cis.profile
@@ -329,6 +329,7 @@ partition_for_var_tmp
 postfix_network_listening_disabled
 root_path_all_dirs
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/cis_server_l1.profile b/tests/data/profile_stability/rhel9/cis_server_l1.profile
index fb24601f97fe..ef833cf898dd 100644
--- a/tests/data/profile_stability/rhel9/cis_server_l1.profile
+++ b/tests/data/profile_stability/rhel9/cis_server_l1.profile
@@ -229,6 +229,7 @@ partition_for_tmp
 postfix_network_listening_disabled
 root_path_all_dirs
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/cis_workstation_l1.profile b/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
index 799da33423e1..12470928da64 100644
--- a/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
+++ b/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
@@ -225,6 +225,7 @@ partition_for_tmp
 postfix_network_listening_disabled
 root_path_all_dirs
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions
diff --git a/tests/data/profile_stability/rhel9/cis_workstation_l2.profile b/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
index 1c0764d0da16..98ad4b1515af 100644
--- a/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
+++ b/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
@@ -326,6 +326,7 @@ partition_for_var_tmp
 postfix_network_listening_disabled
 root_path_all_dirs
 root_path_no_dot
+rsyslog_filecreatemode
 rsyslog_files_groupownership
 rsyslog_files_ownership
 rsyslog_files_permissions