RHEL9-CIS

mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-27 15:33:06 +00:00

Author	SHA1	Message	Date
Ionut Pruteanu	e44c45d1a2	Changes after rebasing. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:16 +02:00
Ionut Pruteanu	0464c937c5	Doc additions for: - Sections 2.2 && 2.3 - Section 3 - Section 4.1 Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:16 +02:00
Ionut Pruteanu	13db3ab89e	Doc additions for: - Yum repos, - bootloader, - crypto policies, - SELinux - NTP Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:16 +02:00
Ionut Pruteanu	39acb53d30	Rebasing after: ~~~ Small additions to first part of documentation. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:16 +02:00
root@DERVISHx	71c2f804a0	Document variables in defaults/main.yml, Fix 5 from devel Signed-off-by: root@DERVISHx <nuno.carvalho@siemens.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:16 +02:00
Ionut Pruteanu	70a18cd8ff	Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:15 +02:00
Ionut Pruteanu	9e7cf73aed	Storing max_log_file under `rhel9cis_auditd` dict variable. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:15 +02:00
Marcin Dulinski	495355b067	Fixed chrony configuration options Signed-off-by: Marcin Dulinski <martin@dulin.me.uk> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:14 +02:00
Mark Bolwell	9f6c9adb42	audit variables seperated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:14 +02:00
Mark Bolwell	d94bd7476c	added pragma allowed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:13 +02:00
Mark Bolwell	f0c3bff907	git audit binary version updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:12 +02:00
Mark Bolwell	7be36c4fff	new var rhel9cis_rhel_default_repo Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:12 +02:00
Mark Bolwell	2c76d76f25	more ansible_facst referenced #54 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:12 +02:00
Mark Bolwell	c15fb6cf68	Added comment for os_check var Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:12 +02:00
Mark Bolwell	da7fa4d343	updated audit vars naming, AMD & ARM binaries Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 08:30:10 +02:00
Mark Bolwell	e19402d613	updated comment Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-07-05 13:01:56 +01:00
Mark Bolwell	12c5d6e813	update comment Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-06-28 11:46:08 +01:00
Mark Bolwell	674d3417ff	rule_1.10 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-06-06 14:36:38 +01:00
Jimmy Conner	626c76236a	Fix Policy Number for Grub Boot Password Signed-off-by: Jimmy Conner <jconner@redhat.com>	2023-05-31 10:56:33 -05:00
Mark Bolwell	42b9dc9e89	Linting Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-20 15:16:15 +00:00
Mark Bolwell	868e74bbf4	issue 41 5.3.7 tasks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-13 09:44:51 +00:00
Mark Bolwell	58d3bb4e41	updated var naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-01 09:17:38 +00:00
Mark Bolwell	a28c0531ee	align audit release Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-02-20 14:02:49 +00:00
Mark Bolwell	a14e9c5dbe	#30 thanks to @smatterchew sshd config file dropin ability Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-02-20 11:31:46 +00:00
Mark Bolwell	e5ce163fcf	new option to 6_2_16 not follow symlinks Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-02-14 08:54:21 +00:00
Mark Bolwell	bf83a6b84c	Add more safety around control 5.4.2 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-27 12:19:16 +00:00
Mark Bolwell	7d426bd497	Added # comment Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 16:03:17 +00:00
Mark Bolwell	032e73348a	removed vars not used any longer Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-23 17:01:27 +00:00
Mark Bolwell	fdf298328c	documented 1.2.4 for rhel Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-20 17:14:24 +00:00
Mark Bolwell	5eb72bc544	updated banner message Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-20 11:21:31 +00:00
Mark Bolwell	de88c96f24	section 1.8 alignment v1.0.0 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-20 10:29:50 +00:00
Mark Bolwell	499b67ceb2	Updated rsyslog server variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 14:51:30 +00:00
Mark Bolwell	999d7b5b1e	fix csv sugroup option updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 13:33:11 +00:00
Mark Bolwell	9e9e3abc43	changed default grub password Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-18 16:29:03 +00:00
Mark Bolwell	bc90630ca8	git add set bootloader & gossupdates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-18 16:21:51 +00:00
Mark Bolwell	e17acee56d	fixed variables Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 13:59:15 +00:00
Mark Bolwell	0c279ad97d	new control 5.6.6 added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 09:09:49 +00:00
Mark Bolwell	e62e5630b4	section 4 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 11:38:53 +00:00
Mark Bolwell	1d96539637	Exentsion to auditd Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-10-14 12:29:06 +01:00
Mark Bolwell	4fe4346f35	updated audit filename Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-10-14 12:09:14 +01:00
Mark Bolwell	d3d819b0a0	changed default git_branch to devel Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 14:24:31 +01:00
Mark Bolwell	962319fcce	changed audit dir to opt Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:52:55 +01:00
Mark Bolwell	5ba2c41851	updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-26 11:13:29 +01:00
Mark Bolwell	de4a7c5bf2	removed empty row Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-25 11:24:07 +01:00
Mark Bolwell	d2684c1e9d	auditd, sysctl vars goss version update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-06-20 17:05:23 +01:00
Adam Lewandowski	581eb70b48	Restore rhel9cis_pam_faillock.remember, as it is used by rules 5.5.3 and 5.5.4 Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Adam Lewandowski	62649cb6c5	Updated rhel9cis_pam_faillock defaults to only those needed for RHEL9 Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Adam Lewandowski	85afda6413	Add missing variable defaults for 'rhel9cis_pam_faillock' Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Mark Bolwell	627f6e291d	updated environment options Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-05-03 10:22:00 +01:00
Mark Bolwell	a8602689b8	updated issues and added improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-25 16:58:11 +01:00

1 2

70 commits