RHEL9-CIS

Author	SHA1	Message	Date
Mark Bolwell	e05c2f3241	added fix for #232 thanks to @Arkhenys Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-08-21 11:11:21 +01:00
Mark Bolwell	a0fd194ef4	fixed typo on 4.1.4.5 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-08-12 10:47:38 +01:00
Mark Bolwell	82119205b1	issue #224 addressed thanks to @globalpayments-shoebsyed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-08-09 17:21:36 +01:00
Mark Bolwell	22cd20c067	updated for issue #226 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-08-09 16:20:14 +01:00
Mark Bolwell	20e2986406	capture only configuratoin lines from rsyslog Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-06-05 17:10:22 +01:00
RoboPickle	6eeae19517	Address issues in 4.1.1.2 and 4.1.1.3 including idempotent status (#188 ) * Fixed issues with 4.1.1.2 and 4.1.1.3 Now handle multiple kernels and are idempotent Signed-off-by: John Foster <robopickle@proton.me> * Fixed issues with 4.1.1.2 and 4.1.1.3 Now handle multiple kernels and are idempotent Removed debug messages Signed-off-by: John Foster <robopickle@proton.me> --------- Signed-off-by: John Foster <robopickle@proton.me>	2024-03-14 17:13:34 +00:00
uk-bolly	7d7b6132f4	March 24 to devel (#186 ) * Issue #170, PR #181 thanks to @ipruteanu-sie * issue #182, PR #183 thansk to @ipruteanu-sie * PR #180 thanks to @ipruteanu-sie and @raabf * Addressed PR #165 thanks to @ipruteanu-sie * PT #184 addressed thansk to @ipruteanu-sie * updated credits * typo and ssh allow_deny comments * enable OS check --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-03-06 16:52:38 +00:00
uk-bolly	0f58436212	Gpg import for rhel servers (#185 ) * change logic thanks to @rjacobs1990 see #175 * 1.2.1 force gpg import rhel * fix missing facts --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-03-06 09:10:06 +00:00
uk-bolly	40bc7aa082	Feb24 updates (#179 ) * change logic thanks to @rjacobs1990 see #175 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * thanks to @ipruteani-sie #134 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Thanks to @stwongst #125 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * thanks to @sgomez86 #146 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added updates from #115 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * removed rp_filter in post added in error Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated yamllint precommit Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated fqcn fo json_query Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fix typo for virt type query Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> --------- Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-02-20 15:43:43 +00:00
uk-bolly	06ec3de5c4	Merge pull request #175 from rjacobs1990/bugfix/fix-permissions-logfiles fix: idempotency molecule issue fixed for logfiles #173	2024-02-19 14:16:21 +00:00
rjacobs1990	742165cd72	fix: more readable condition and prevent skipping 0600 #173 Signed-off-by: rjacobs1990 <ricardojacobs20@gmail.com>	2024-02-12 16:21:31 +01:00
rjacobs1990	8652390beb	fix: idempotency molecule issue fixed for logfiles and prevent skipping 0600 #173 Signed-off-by: rjacobs1990 <ricardojacobs20@gmail.com>	2024-02-12 15:55:42 +01:00
rjacobs1990	c805ee398b	fix: idempotency molecule issue fixed for logfiles #173 Signed-off-by: rjacobs1990 <ricardojacobs20@gmail.com>	2024-02-12 14:47:12 +01:00
Ionut Pruteanu	e2738f0a44	Fixing indentation for lines reported by yamllint Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 21:31:14 +02:00
Ionut Pruteanu	18803420f0	Replacing secure-configuration of 'audit' and 'audit_backlog_limit' from the `/etc/default/grub` approach to `grubby`(actually used by CIS) Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2024-01-31 21:27:00 +02:00
uk-bolly	df1aef8d31	Merge pull request #148 from siemens/siemens/feat/AuditVarsRefactoring Siemens/feat/audit vars refactoring	2024-01-26 12:34:30 +00:00
uk-bolly	6f8a95c73a	Merge pull request #143 from siemens/siemens/feat/4.2.1.3conditionalAndSectionHeader Siemens/feat/4.2.1.3conditional and section header	2023-12-21 08:40:41 +00:00
Ionut Pruteanu	ca41b128cd	Defining some threshold for (audit_)space_left vars, as well as a bool which governs if extra params will be configured Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-20 22:21:14 +02:00
Ionut Pruteanu	88ffe32137	Storing max_log_file under `rhel9cis_auditd` dict variable. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-20 21:58:49 +02:00
Corey Reid	8d85f178e2	find hidden files in /var/log for 4.3.2 Signed-off-by: Corey Reid <corey.nathan.reid@gmail.com>	2023-12-17 17:36:34 +00:00
Ionut Pruteanu	e0de491263	whole section defined in cis_4.2.1.x.yml gets executed only `when: rhel9cis_syslog == 'rsyslog'`, having same condition is redundant and may confuse users. Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-08 12:03:00 +02:00
Ionut Pruteanu	d79bba53c6	Rsyslog subsection corrected header(was using 4.2 logging name, instead of 4.2.1. rsyslog name) Signed-off-by: Ionut Pruteanu <ionut.pruteanu@siemens.com>	2023-12-08 12:01:10 +02:00
Mark Bolwell	e82b2cefac	quoted file mode Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 16:25:59 +01:00
Mark Bolwell	580ee762ee	fix filename Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:35:35 +01:00
Mark Bolwell	c5ed197e03	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 15:07:52 +01:00
Mark Bolwell	a67a484971	import_tasks file added Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-09-21 14:55:55 +01:00
Mark Bolwell	c7d72b564b	4.1.3.6 command improvement Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-05-17 15:42:30 +01:00
Thomas Merkel	2380cd46c9	Use correct backtick for regex escape Depends on the ansible version regex escape (via slash) require correct backticks to work. Otherwise it would result in a syntax error. Signed-off-by: Thomas Merkel <tm@core.io>	2023-05-04 19:40:19 +02:00
Mark Bolwell	5e5174a5b0	updated marker Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-10 15:19:35 +00:00
Mark Bolwell	ebdb8b9129	Updated layout Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-10 15:08:12 +00:00
Mark Bolwell	5a928b4304	Issue #38 thanks to bdwyertech Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-03-07 11:02:15 +00:00
Mark Bolwell	7459f1d445	idempontency improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-02-27 17:26:34 +00:00
Mark Bolwell	e52cc6ca6b	4.1.4.8 tidy title remove register not used Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-31 08:31:12 +00:00
Mark Bolwell	4b1956508a	updates control steps Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 08:30:43 +00:00
Mark Bolwell	e641780168	replace module dest -> path Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 08:29:30 +00:00
Mark Bolwell	f9267a389b	remove state file on file module Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-26 08:29:03 +00:00
Mark Bolwell	10a6a2e0dd	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 11:36:12 +00:00
Mark Bolwell	7760f35161	with_items to loop Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 10:01:14 +00:00
Mark Bolwell	9e63393899	removed state presnet from infile as default Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 09:47:13 +00:00
Mark Bolwell	4adb0ec812	standardize handler naming Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-25 09:41:32 +00:00
Mark Bolwell	0350e234fe	rhel_09 updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-24 11:02:32 +00:00
Mark Bolwell	499b67ceb2	Updated rsyslog server variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 14:51:30 +00:00
Mark Bolwell	cb609c1f1a	fqcn update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 13:31:53 +00:00
Mark Bolwell	163900e277	add file exclusions Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-19 11:29:03 +00:00
Mark Bolwell	6e77a3ced6	removed older version Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-18 16:22:30 +00:00
Mark Bolwell	50d4cd83aa	Removed -automated Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 14:15:50 +00:00
Mark Bolwell	acf0104f7a	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 12:10:18 +00:00
Mark Bolwell	3ead0d63ac	warn control count updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-13 11:05:25 +00:00
Mark Bolwell	793b1e1666	title update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 15:02:10 +00:00
Mark Bolwell	876b5d3508	improved find Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2023-01-12 15:01:59 +00:00

1 2

86 commits