From f28e22a8f27fbc6ff8c4fbe6a8890d3ea563c173 Mon Sep 17 00:00:00 2001 From: guangyee Date: Thu, 10 Dec 2020 18:51:33 +0100 Subject: [PATCH] Add rules for SLES-12-010210 STIG --- .../ansible/shared.yml | 2 +- .../set_password_hashing_algorithm_logindefs/rule.yml | 4 +++- sle12/profiles/stig.profile | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml index 7ec8b4670c15..8dedf993cfaf 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml @@ -1,4 +1,4 @@ -# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml index d68d4e843277..96ffec0eaa6b 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019 +prodtype: fedora,ol7,ol8,rhel7,rhel8,rhv4,wrlinux1019,sle12 title: 'Set Password Hashing Algorithm in /etc/login.defs' @@ -21,6 +21,7 @@ severity: medium identifiers: cce@rhel7: CCE-82050-6 cce@rhel8: CCE-80892-3 + cce@sle12: CCE-83029-9 references: stigid@ol7: OL07-00-010210 @@ -33,6 +34,7 @@ references: pcidss: Req-8.2.1 srg: SRG-OS-000073-GPOS-00041 stigid@rhel7: RHEL-07-010210 + stigid@sle12: SLES-12-010210 isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.1' isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.2,4.3.3.7.4 cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10 diff --git a/sle12/profiles/stig.profile b/sle12/profiles/stig.profile index d7072206f15b..3f00b9553173 100644 --- a/sle12/profiles/stig.profile +++ b/sle12/profiles/stig.profile @@ -28,4 +28,4 @@ selections: - service_auditd_enabled - auditd_data_retention_space_left - auditd_data_retention_action_mail_acct - + - set_password_hashing_algorithm_logindefs