From 5ed6abd5d330939df5dd17efa46784fccf33bea1 Mon Sep 17 00:00:00 2001
From: "Tomuta, Diana Maria (T CST SCC-RO)" <diana.tomuta@siemens.com>
Date: Thu, 26 Jun 2025 13:29:42 +0300
Subject: [PATCH 1/2] Fixing issue
 https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/42
 .

Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
---
 templates/audit/99_auditd.rules.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/audit/99_auditd.rules.j2 b/templates/audit/99_auditd.rules.j2
index 4d9c0d3..6c852e3 100644
--- a/templates/audit/99_auditd.rules.j2
+++ b/templates/audit/99_auditd.rules.j2
@@ -58,6 +58,8 @@
 -w /etc/hosts -p wa -k system-locale
 -w /etc/sysconfig/network -p wa -k system-locale
 -w /etc/sysconfig/network-scripts -p wa -k system-locale
+-w /etc/hostname -p wa -k system-locale
+-w /etc/NetworkManager -p wa -k system-locale
 {% endif %}
 {% if rhel9cis_rule_6_3_3_6 %}
 {% for proc in discovered_priv_procs.stdout_lines -%}

From d25b472283950e2ff5b29aa4c1951323d574c0aa Mon Sep 17 00:00:00 2001
From: "Tomuta, Diana Maria (T CST SCC-RO)" <diana.tomuta@siemens.com>
Date: Fri, 4 Jul 2025 13:50:05 +0300
Subject: [PATCH 2/2] Fixing order of configs.

Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
---
 templates/audit/99_auditd.rules.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/audit/99_auditd.rules.j2 b/templates/audit/99_auditd.rules.j2
index 6c852e3..4fa4516 100644
--- a/templates/audit/99_auditd.rules.j2
+++ b/templates/audit/99_auditd.rules.j2
@@ -56,9 +56,9 @@
 -w /etc/issue -p wa -k system-locale
 -w /etc/issue.net -p wa -k system-locale
 -w /etc/hosts -p wa -k system-locale
+-w /etc/hostname -p wa -k system-locale
 -w /etc/sysconfig/network -p wa -k system-locale
 -w /etc/sysconfig/network-scripts -p wa -k system-locale
--w /etc/hostname -p wa -k system-locale
 -w /etc/NetworkManager -p wa -k system-locale
 {% endif %}
 {% if rhel9cis_rule_6_3_3_6 %}