From 1e55d8600190706d9a42f54901030dfb4d4d1cfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:12:06 +0100 Subject: [PATCH 1/6] Update cis_1.3.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Correction to "when": 1_3_3 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_1/cis_1.3.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_1/cis_1.3.x.yml b/tasks/section_1/cis_1.3.x.yml index 7a5e544..dda9c66 100644 --- a/tasks/section_1/cis_1.3.x.yml +++ b/tasks/section_1/cis_1.3.x.yml @@ -67,7 +67,7 @@ /sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512 validate: aide -D --config %s when: - - rhel9cis_rule_1_3_2 + - rhel9cis_rule_1_3_3 - not system_is_ec2 tags: - level1-server From 4d749d988d87c6bbd281f2efe40fbd92ee3c291a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:13:32 +0100 Subject: [PATCH 2/6] Update cis_1.8.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrected tag rule_1.8.10 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_1/cis_1.8.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_1/cis_1.8.x.yml b/tasks/section_1/cis_1.8.x.yml index 20e56c4..e6f4b0c 100644 --- a/tasks/section_1/cis_1.8.x.yml +++ b/tasks/section_1/cis_1.8.x.yml @@ -261,4 +261,4 @@ - level1-workstation - patch - gui - - rule_1.8.4 + - rule_1.8.10 From 712b8b6ecd3b6dbd120934adfbdcdc0a287eba53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:15:11 +0100 Subject: [PATCH 3/6] Update cis_5.6.1.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrected tag: rule_5.6.1.1 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_5/cis_5.6.1.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_5/cis_5.6.1.x.yml b/tasks/section_5/cis_5.6.1.x.yml index f7b8136..d1f488f 100644 --- a/tasks/section_5/cis_5.6.1.x.yml +++ b/tasks/section_5/cis_5.6.1.x.yml @@ -12,7 +12,7 @@ - level1-workstation - patch - password - - rule_5.5.1.1 + - rule_5.6.1.1 - name: "5.6.1.2 | PATCH | Ensure minimum days between password changes is 7 or more" ansible.builtin.lineinfile: From 3b256ff8311f65c527c69334d65a7f7bf32e5ed9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:16:20 +0100 Subject: [PATCH 4/6] Update cis_5.6.1.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrected tag: rule_5.6.1.5 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_5/cis_5.6.1.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_5/cis_5.6.1.x.yml b/tasks/section_5/cis_5.6.1.x.yml index d1f488f..8d082bc 100644 --- a/tasks/section_5/cis_5.6.1.x.yml +++ b/tasks/section_5/cis_5.6.1.x.yml @@ -117,4 +117,4 @@ - level1-server - level1-workstation - patch - - rule_5.5.1.5 + - rule_5.6.1.5 From d6b44aac70db771be180954191a4809831480b2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:18:52 +0100 Subject: [PATCH 5/6] Update cis_6.1.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrected tags: rule_6.1.8 & rule_6.1.12 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_6/cis_6.1.x.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/section_6/cis_6.1.x.yml b/tasks/section_6/cis_6.1.x.yml index 4cc5cbd..7bce9c5 100644 --- a/tasks/section_6/cis_6.1.x.yml +++ b/tasks/section_6/cis_6.1.x.yml @@ -118,7 +118,7 @@ - level1-workstation - patch - permissions - - rule_6.1.10 + - rule_6.1.8 - name: "6.1.9 | PATCH | Ensure no world writable files exist" block: @@ -253,7 +253,7 @@ - patch - stickybits - permissons - - rule_1.1.21 + - rule_6.1.12 - name: "6.1.13 | AUDIT | Audit SUID executables" block: From e0491ccb8f7fd4e0b85335eeb4795790ea773172 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joachim=20la=20Poutr=C3=A9?= <14360383+sickbock@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:20:08 +0100 Subject: [PATCH 6/6] Update cis_6.2.x.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Corrected tag: rule_6.2.3 Signed-off-by: Joachim la Poutré <14360383+sickbock@users.noreply.github.com> --- tasks/section_6/cis_6.2.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_6/cis_6.2.x.yml b/tasks/section_6/cis_6.2.x.yml index 2f3141b..6ab91cd 100644 --- a/tasks/section_6/cis_6.2.x.yml +++ b/tasks/section_6/cis_6.2.x.yml @@ -73,7 +73,7 @@ - audit - accounts - groups - - rule_6.2.2 + - rule_6.2.3 - name: "6.2.4 | AUDIT Ensure no duplicate UIDs exist" block: