Update SLES-15-030680 check and fix

ComplianceAsCode · Nov 4, 2024 · 6b97cb2 · 6b97cb2
1 parent 33d220b
commit 6b97cb2
Show file tree

Hide file tree

Showing 8 changed files with 11 additions and 11 deletions.
diff --git a/...ng/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/ansible/shared.yml b/...ng/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 7,Red Hat Virtualization 4,multi_platform_sle,multi_platform_slmicro
+# platform = Oracle Linux 7,Red Hat Virtualization 4,SUSE Linux Enterprise 12,multi_platform_slmicro
 # reboot = false
 # complexity = low
 # disruption = low

diff --git a/...diting/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/...diting/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh
@@ -1,7 +1,7 @@
 # platform = multi_platform_all
 
 AUDISP_REMOTE_CONFIG="{{{ audisp_conf_path }}}/audisp-remote.conf"
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
 option="^transport"
 value="KRB5"
 {{% else %}}

diff --git a/...iting/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml b/...iting/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml
@@ -2,7 +2,7 @@
 
 <def-group>
   <definition class="compliance" id="auditd_audispd_encrypt_sent_records" version="1">
-    {{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
+    {{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
     {{{ oval_metadata("transport setting in " + audisp_config_file_path + " is set to 'KRB5'") }}}
     {{% else %}}
     {{{ oval_metadata("enable_krb5 setting in " + audisp_config_file_path + " is set to 'yes'") }}}
@@ -22,7 +22,7 @@
     <ind:filepath>{{{ audisp_config_file_path }}}</ind:filepath>
     <!-- Allow only space (exactly) as delimiter -->
     <!-- Require at least one space before and after the equal sign -->
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
     <ind:pattern operation="pattern match">^[ ]*transport[ ]+=[ ]+KRB5[ ]*$</ind:pattern>
 {{% else %}}
     <ind:pattern operation="pattern match">^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$</ind:pattern>

diff --git a/...ide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/...ide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
@@ -6,7 +6,7 @@ title: 'Encrypt Audit Records Sent With audispd Plugin'
 description: |-
     Configure the operating system to encrypt the transfer of off-loaded audit
     records onto a different system or media from the system being audited.
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
     Set the <tt>transport</tt> option in <pre>{{{ audisp_conf_path }}}/audisp-remote.conf</pre>
     to <tt>KRB5</tt>.
 {{% else %}}
@@ -43,7 +43,7 @@ ocil_clause: 'audispd is not encrypting audit records when sent over the network
 ocil: |-
     To verify the audispd plugin encrypts audit records off-loaded onto a different
     system or media from the system being audited, run the following command:
-{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}}
+{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}}
     <pre>$ sudo grep -i transport {{{ audisp_conf_path }}}/audisp-remote.conf</pre>
     The output should return the following:
     <pre>transport = KRB5</pre>
@@ -55,7 +55,7 @@ ocil: |-
 
 fixtext: |-
     Configure {{{ full_name }}} to encrypt audit records sent with audispd plugin.
-{{% if product in ["fedora", "ol8", "ol9", "rhv4"] or "rhel" in product %}}
+{{% if product in ["fedora", "ol8", "ol9", "rhv4", "sle15"] or "rhel" in product %}}
     Set the "transport" option in "{{{ audisp_conf_path }}}/audisp-remote.conf" to "KRB5".
 {{% else %}}
     Uncomment the "enable_krb5" option in "{{{ audisp_conf_path }}}/audisp-remote.conf",

diff --git a/...td_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh b/...td_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,SUSE Linux Enterprise 15
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment

diff --git a/..._data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh b/..._data_retention/auditd_audispd_encrypt_sent_records/tests/transport_correct_value.pass.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,SUSE Linux Enterprise 15
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment

diff --git a/...ditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh b/...ditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_not_there.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,SUSE Linux Enterprise 15
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment

diff --git a/...td_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh b/...td_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_wrong_value.fail.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,SUSE Linux Enterprise 15
 
 . $SHARED/auditd_utils.sh
 prepare_auditd_test_enviroment