Deprecated tests & Adding missing tests from RHEL7 STIG v2r4 #142
Conversation
Merge of updates
Merge from simp/inspec-profile-disa_stig-el7
…m the STIG. Currently the following have been removed from the Latest STIG RHEL7 V2R4
V-71895 - The operating system must set the idle delay setting for all connection types.
V-71981 - The operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of packages without verification of the repository metadata.
V-72143 - The operating system must generate audit records for all successful/unsuccessful account access count events.
V-72169 - All uses of the sudoedit command must be audited.
V-72181 - All uses of the pt_chown command must be audited.
V-72193 - All uses of the rmmod command must be audited
V-72195 - All uses of the modprobe command must be audited.
V-72215 - The system must update the virus scan program every seven days or more frequently
V-72435 - The operating system must implement smart card logons for multifactor authentication for access to privileged accounts.
V-78995 - The operating system must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
Deprecated tests
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Signed-off-by: HackerShark <melsharkawi@mitre.org>
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Fixed some typos.
Signed-off-by: HackerShark <melsharkawi@mitre.org>
|
@aaronlippold Looks like we're still having an issue, do you know what might be causing this? https://travis-ci.org/github/simp/inspec-profile-disa_stig-el7/jobs/658905934#L1472 |
|
It looks like a parsing issue of the outcoming JSON file. The only change
they made to the JSON structure was when they added the waivers data.
…On Wed, Mar 11, 2020, 9:52 AM Trevor Vaughan ***@***.***> wrote:
@aaronlippold <https://github.com/aaronlippold> Looks like we're still
having an issue, do you know what might be causing this?
https://travis-ci.org/github/simp/inspec-profile-disa_stig-el7/jobs/658905934#L1472
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#142 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42CCIVBVPIQVH2VG24TRG6JRXANCNFSM4LBLDKIQ>
.
|
|
I ran the test without these updates on a different repo and didn't have any issues so I think it's something related to this change but there's not really enough to go on. |
|
Oh, this is an issue with running the |
Signed-off-by: Aaron Lippold <lippold@gmail.com>
|
I see that inspec is now running but we're not getting a report. Can you see if there is any valid output coming from this new data set? |
|
There seems to still be something wrong: |
|
This identified a bug in Fixed in simp/rubygem-simp-beaker-helpers#121 and will be released soon |
|
For anyone tracking this PR: simp/rubygem-simp-beaker-helpers#121 was released on April 07. However, we've recently migrated our org's Travis CI from travis-ci.org to travis-ci.com, so restarting the previous Travis PR checks to pick up the new gems won't clear the failed travis-ci.org checks (and we can't get rid of them). As a workaround: you can push up trivial change to the PR, which will prompt all CI PR checks rerun on the new commit from scratch. |
|
Closing. Maintenance has been moved to https://github.com/mitre/redhat-enterprise-linux-7-stig-baseline |
Merging in PR #114 and #113
Pulled in latest updates from Master of Simp.
Rebased depracatedTests with Simp master.
Merged updates.
Resolved all merge conflicts.
Cleaned up controls.
Made various fixes.