Benchmark 1.7 and issue fixes #137
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Stig v1r7 release
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Matthew Willis <matthew.willis@outlook.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Merged due to workflow online change
Added Assertion for passwd set on ansible user & workflow update
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Spelling corrections.
Updated STIG-ID RHEL-08-040111 to blacklist bluetooth kernel module
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Allowing non-elevated user TMUX sessions to be accessed. The existing permissions prevented non-elevated user accounts to properly use vlock to access /etc/pam.d/system-auth file with 0640 permissions. Signed-off-by: Matthew Willis <matthew.willis@outlook.com>
This is to match the updated /etc/pam.d/system-auth permissions, which were updated to allowing non-elevated user TMUX sessions to be accessed. The existing permissions prevented non-elevated user accounts to properly use vlock to access /etc/pam.d/system-auth file with 0640 permissions. Signed-off-by: Matthew Willis <matthew.willis@outlook.com>
Updated permissions on /etc/pam.d/system-auth to 0644 from 0640.
Signed-off-by: Bas Meijer <bas.meijer@me.com>
Signed-off-by: Bas Meijer <bas.meijer@me.com>
ansible-lint fixes
Signed-off-by: George Nalen <georgen@mindpointgroup.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
…fixes fix for ZenDesk issue 1138 and other misc. fixes Welcome message action is failing, but not a role related element, will be fixed later
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
|
This commit is a workflow change to ensure working as expected. Does not affect code base. Rather than rebase Accept as is. The signed-off by should be added according to settings even for online changes. |
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
updated audit out file
uk-bolly
approved these changes
Nov 1, 2022
|
Looking forward to the PR! I'm ready to merge this into our pipeline! Thank you team for getting all of these updates to presented on this release. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overall Review of Changes:
Many issue fixes and updates
Issue Fixes:
#104 - README update - cloudint bug when /var noexec
#107 - RHEL-08-020040/41 needs additional configuration
#109 - Broken link for the wiki for Main Variables
#111 - Please tag a release for Benchmark Version 1 Release 7
#115 - List dependencies in requirements.txt
#116 - Inconsistent YAML
#118 - ansible-lint: 648 failure(s), 0 warning(s) on 18 files
#124 - RHEL-08-040090 : Firewall must employ deny-all | Missing Configuration
#125 - RHEL-08-040259: Shall not enable IPv4 Forwarding | Update configuration to latest baseline
#126 - RHEL-08-010141: Unique Superuser Name for Maintenance | Non-Standard Configuration Method
#127 - RHEL-08-010690 / RHEL-08-010770 | Failure in Multiple Steps
#128 - RHEL-08-010050 Banner on Login Screen | Missing Configuration
#130 - Question regarding RHEL-08-010290 / RHEL-08-010291: Enabling FIPS mode even if not required by STIG?
#131 - RHEL-08-020040: TMUX Lock-Command Config | Incomplete Regex
#133 - RHEL-08-010295: GnuTLS Encryption | Line Bug
#134 - RHEL-08-010740: Group Ownership by Home Dir Owner | Incorrect Ownership by "Nobody" in RHEL 8.6
Enhancements:
How has this been tested?:
Locally and pipeline
Signed-off-by: George Nalen georgen@mindpointgroup.com