Merge pull request ComplianceAsCode#19 from SUSE/SLES-12-020060

guangyee · Dec 10, 2020 · 7cc973e · 7cc973e
2 parents 0a02e6b + aeca62f
commit 7cc973e
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 3 deletions.
diff --git a/.../auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/.../auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
 # reboot = false
 # strategy = restrict
 # complexity = low

diff --git a/...stem/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/...stem/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle
 
 # Include source function library.
 . /usr/share/scap-security-guide/remediation_functions

diff --git a/...ide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/...ide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml
@@ -10,7 +10,10 @@ description: |-
     <pre>disk_full_action = <i>ACTION</i></pre>
     Set this value to <tt>single</tt> to cause the system to switch to single-user
     mode for corrective action. Acceptable values also include <tt>syslog</tt>,
-    <tt>exec</tt>, <tt>single</tt>, and <tt>halt</tt>. For certain systems, the need for availability
+    {{% if product != "sle12" %}}
+    <tt>exec</tt>,
+    {{% endif %}}
+    <tt>single</tt>, and <tt>halt</tt>. For certain systems, the need for availability
     outweighs the need to log all actions, and a different setting should be
     determined. Details regarding all possible values for <i>ACTION</i> are described in the
     <tt>auditd.conf</tt> man page.
@@ -23,6 +26,7 @@ severity: medium
 
 identifiers:
     cce@rhcos4: CCE-82676-8
+    cce@sle12: CCE-83032-3
 
 references:
     nist: AU-5(b),AU-5(2),AU-5(1),AU-5(4),CM-6(a)
@@ -32,6 +36,10 @@ references:
     cobit5: APO11.04,APO12.06,APO13.01,BAI03.05,BAI04.04,BAI08.02,DSS02.02,DSS02.04,DSS02.07,DSS03.01,DSS05.04,DSS05.07,MEA02.01
     iso27001-2013: A.12.1.3,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.16.1.4,A.16.1.5,A.16.1.7,A.17.2.1
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8
+    stigid@sle12: SLES-12-020060
+    srg@sle12: SRG-OS-000047-GPOS-00023
+    disa@sle12: CCI-000140
+    nist@sle12: AU-5(b),AU-5.1(iv)
 
 ocil_clause: 'the system is not configured to switch to single-user mode for corrective action'
 

diff --git a/sle12/profiles/stig.profile b/sle12/profiles/stig.profile
@@ -18,6 +18,7 @@ selections:
     - sshd_enable_x11_forwarding
     - gnome_gdm_disable_automatic_login
     - no_user_host_based_files
+    - auditd_data_disk_full_action
     - postfix_client_configure_mail_alias
     - accounts_logon_fail_delay 
     - no_host_based_files