ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-03-25 22:37:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #37 from ansible-lockdown/rule_6.3.3.5_update

Browse source 
Rule 6.3.3.5 update
This commit is contained in:
jjoympg 2025-07-01 10:17:54 -04:00 committed by GitHub
commit 0f5f3ee19b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Changelog.md
View file

@ -8,6 +8,7 @@
- Improved documentation and variable compilation for crypto policies
- Addresses #318 - Thank you @kodebach & @bgro
- Improved logic for 5.2.4 to exclude rhel9cis_sudoers_exclude_nopasswd_list in pre-check tasks/main.yml
- rule_6.3.3.5 updated for missing checks
## 2.0.1 - Based on CIS v2.0.0

2
templates/audit/99_auditd.rules.j2
View file

@ -56,8 +56,10 @@
-w /etc/issue -p wa -k system-locale
-w /etc/issue.net -p wa -k system-locale
-w /etc/hosts -p wa -k system-locale
-w /etc/hostname -p wa -k system-locale
-w /etc/sysconfig/network -p wa -k system-locale
-w /etc/sysconfig/network-scripts -p wa -k system-locale
-w /etc/NetworkManager -p wa -k system-locale
{% endif %}
{% if rhel9cis_rule_6_3_3_6 %}
{% for proc in discovered_priv_procs.stdout_lines -%}