Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add rules related to permissions of /var/log and /var/log/messages #6861

Merged
merged 4 commits into from Apr 21, 2021
Merged

Add rules related to permissions of /var/log and /var/log/messages #6861

merged 4 commits into from Apr 21, 2021

Conversation

ggbecker
Copy link
Member

Description:

  • Add rules related to permissions of /var/log and /var/log/messages

@guangyee I renamed one of the SLE rules related /var/log/messages to this as I think it's more appropriate, see: a9d4350

@ggbecker ggbecker added this to the 0.1.56 milestone Apr 19, 2021
@openscap-ci
Copy link
Collaborator

openscap-ci commented Apr 19, 2021
edited

Changes identified:
Rules:
 file_permissions_local_var_log_messages
Profiles:
 stig on rhel8
 rhelh-stig on rhel8
 stig on sle12
 stig on sle15

Show details

Rule file_permissions_local_var_log_messages:
 Attribute value changed in OVAL check.
Profile stig on rhel8:
 Rule file_owner_var_log_messages, file_permissions_var_log, file_owner_var_log, file_groupowner_var_log, file_permissions_var_log_messages, file_groupowner_var_log_messages added to stig profile.
Profile rhelh-stig on rhel8:
 RHELH-STIG profile extends changed STIG profile.
Profile stig on sle12:
 Rule file_permissions_local_var_log_messages added to stig profile.
 Rule file_permissions_var_log_messages removed from stig profile.
Profile stig on sle15:
 Rule file_permissions_local_var_log_messages added to stig profile.
 Rule file_permissions_var_log_messages removed from stig profile.

Recommended tests to execute:
 build_product sle12
 tests/test_suite.py rule --libvirt qemu:///system test-suite-vm --remediate-using bash --datastream build/ssg-sle12-ds.xml file_permissions_local_var_log_messages
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-sle12-ds.xml stig
 build_product sle15
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-sle15-ds.xml stig
 build_product rhel8
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhel8-ds.xml stig
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-rhel8-ds.xml rhelh-stig

JAORMX
JAORMX approved these changes Apr 20, 2021
View reviewed changes
Copy link
Contributor

@JAORMX JAORMX left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these would be nice to have in the RHCOS4 moderate profile

@carlosmmatos
Copy link
Contributor

/retest

@JAORMX
Copy link
Contributor

JAORMX commented Apr 21, 2021

/test e2e-aws-ocp4-e8

@carlosmmatos carlosmmatos merged commit ed0d451 into ComplianceAsCode:master Apr 21, 2021
@marcusburghardt marcusburghardt added RHEL8 Red Hat Enterprise Linux 8 product related. STIG STIG Benchmark related. labels Jun 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JAORMX JAORMX JAORMX approved these changes

Assignees
No one assigned
Labels
RHEL8 Red Hat Enterprise Linux 8 product related. STIG STIG Benchmark related.
Projects
None yet
Milestone
0.1.56
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@ggbecker @openscap-ci @carlosmmatos @JAORMX @marcusburghardt