37 commits

Author	SHA1	Message	Date
Mark Bolwell	9e9e3abc43	changed default grub password ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-18 16:29:03 +00:00
Mark Bolwell	bc90630ca8	git add set bootloader & gossupdates ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-18 16:21:51 +00:00
Mark Bolwell	e17acee56d	fixed variables ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 13:59:15 +00:00
Mark Bolwell	0c279ad97d	new control 5.6.6 added ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 09:09:49 +00:00
Mark Bolwell	e62e5630b4	section 4 updates ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 11:38:53 +00:00
Mark Bolwell	1d96539637	Exentsion to auditd ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-10-14 12:29:06 +01:00
Mark Bolwell	4fe4346f35	updated audit filename ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-10-14 12:09:14 +01:00
Mark Bolwell	d3d819b0a0	changed default git_branch to devel ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 14:24:31 +01:00
Mark Bolwell	962319fcce	changed audit dir to opt ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-09-16 11:52:55 +01:00
Mark Bolwell	5ba2c41851	updated ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-26 11:13:29 +01:00
Mark Bolwell	de4a7c5bf2	removed empty row ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-07-25 11:24:07 +01:00
Mark Bolwell	d2684c1e9d	auditd, sysctl vars goss version update ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-06-20 17:05:23 +01:00
Adam Lewandowski	581eb70b48	Restore rhel9cis_pam_faillock.remember, as it is used by rules 5.5.3 and 5.5.4 ... Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Adam Lewandowski	62649cb6c5	Updated rhel9cis_pam_faillock defaults to only those needed for RHEL9 ... Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Adam Lewandowski	85afda6413	Add missing variable defaults for 'rhel9cis_pam_faillock' ... Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>	2022-05-06 11:04:23 -04:00
Mark Bolwell	627f6e291d	updated environment options ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-05-03 10:22:00 +01:00
Mark Bolwell	a8602689b8	updated issues and added improvements ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-25 16:58:11 +01:00
Mark Bolwell	f66d271cee	controlid updates ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-11 17:39:30 +01:00
Mark Bolwell	b8bb7912a1	removed iptables - not valid in rh9 ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-06 17:29:57 +01:00
Mark Bolwell	7374c37510	updates var naming ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-06 16:31:57 +01:00
Mark Bolwell	e9d212437a	firewall pkgs to masked as default ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 13:07:36 +01:00
Mark Bolwell	13a6746997	lint ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:24:47 +01:00
Mark Bolwell	2bf95bf3da	default mask nftable for firewalld ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-05 10:08:42 +01:00
Mark Bolwell	3d5fd41ed8	pam vars ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 19:31:02 +01:00
Mark Bolwell	842b295ecf	firewall pkg control - prefer log capture ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 15:15:40 +01:00
Mark Bolwell	4dfacd9e3b	updated server/service vars ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 12:50:41 +01:00
Mark Bolwell	39780562c1	section 1 updates ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-04 12:07:07 +01:00
Mark Bolwell	2d21f8a98e	tidy up vars ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 17:09:53 +01:00
Mark Bolwell	2565df6047	removed notauto var as not used ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 16:41:05 +01:00
Mark Bolwell	a7403f860f	removed travis variable ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 16:37:24 +01:00
Mark Bolwell	f0c4701dbd	updated controls ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-04-01 15:26:13 +01:00
Mark Bolwell	c6caa90059	updated ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 16:18:11 +01:00
Mark Bolwell	c96271ea7a	update section1_2 ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-03-30 09:42:12 +01:00
uk-bolly	02a36f7f8d	Fix in logic for Alma (#4) ... * container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed reboot var Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * changed skip_reboot var name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * masked only Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * remove debug update logic 6.2.8 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed CentOS Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-02-02 11:25:03 +00:00
Mark Bolwell	54f4e0b4b8	boolean variable true/false ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-13 16:51:17 +00:00
Mark Bolwell	59bbf71971	crontab file locations updated ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-07 11:11:06 +00:00
Mark Bolwell	a54b5216eb	Initial ... Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2022-01-07 09:06:18 +00:00