Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding auditd rules to hardening machine-image #521

Closed
wants to merge 1 commit into from
Closed

Adding auditd rules to hardening machine-image #521

wants to merge 1 commit into from

Commits on Apr 22, 2024

  1. Adding auditd rules to hardening machine-image 

    Install auditd and add auditd rules to hardening machine-image.
Also add kernel boot parameters to audit.

This will apply following CIS compliance rules:
- xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_insmod
- xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_modprobe
- xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_rmmod
- xccdf_org.ssgproject.content_rule_audit_rules_mac_modification
- xccdf_org.ssgproject.content_rule_audit_rules_mac_modification
- xccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification
- xccdf_org.ssgproject.content_rule_audit_rules_session_events
- xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function
- xccdf_org.ssgproject.content_rule_grub2_audit_argument
- xccdf_org.ssgproject.content_rule_grub2_audit_backlog_limit_argument
- xccdf_org.ssgproject.content_rule_auditd_data_retention_max_log_file_action
- xccdf_org.ssgproject.content_rule_auditd_data_retention_space_left_action
- xccdf_org.ssgproject.content_rule_auditd_data_retention_admin_space_left_action

Fixes scylladb/scylla-enterprise-machine-image#71
Related scylladb/scylla-pkg#2953
    @syuu1228
    syuu1228 committed Apr 22, 2024
    Configuration menu
    Copy the full SHA
    d1315f6 View commit details
    Browse the repository at this point in the history