Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update CIS RHEL9 control file to v2.0.0 #12067

Merged
merged 61 commits into from
Jun 26, 2024
Merged

Update CIS RHEL9 control file to v2.0.0 #12067

merged 61 commits into from
Jun 26, 2024

Commits on Jun 14, 2024

  1. CIS RHEL9 v2.0.0 - 1.1.1 Configure Filesystem Kernel Modules

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    fd73d84 View commit details
    Browse the repository at this point in the history

  2. CIS RHEL9 v2.0.0 - 1.1.2.1 Configure /tmp

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    2bde1a1 View commit details
    Browse the repository at this point in the history

  3. CIS RHEL9 v2.0.0 - 1.1.2.2 Configure /dev/shm

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    58a830e View commit details
    Browse the repository at this point in the history

  4. CIS RHEL9 v2.0.0 - 1.1.2.3 Configure /home

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    8b56a08 View commit details
    Browse the repository at this point in the history

  5. CIS RHEL9 v2.0.0 - 1.1.2.4 Configure /var

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    b583f31 View commit details
    Browse the repository at this point in the history

  6. CIS RHEL9 v2.0.0 - 1.1.2.5 Configure /var/tmp

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    a9aadf3 View commit details
    Browse the repository at this point in the history

  7. CIS RHEL9 v2.0.0 - 1.1.2.6 Configure /var/log

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    6ea5e04 View commit details
    Browse the repository at this point in the history

  8. CIS RHEL9 v2.0.0 - 1.1.2.7 Configure /var/log/audit

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    00314f7 View commit details
    Browse the repository at this point in the history

  9. CIS RHEL9 v2.0.0 - 1.1 Cleanup

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    2e318fe View commit details
    Browse the repository at this point in the history

  10. CIS RHEL9 v2.0.0 - 1.2.1 Configure Package Repositories

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    5a45d41 View commit details
    Browse the repository at this point in the history

  11. CIS RHEL9 v2.0.0 - 1.2.2 Configure Package Updates

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    51d5ad2 View commit details
    Browse the repository at this point in the history

  12. CIS RHEL9 v2.0.0 - 1.3.1 Configure SELinux

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    7593450 View commit details
    Browse the repository at this point in the history

  13. CIS RHEL9 v2.0.0 - 1.4 Configure Bootloader

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    56f9f31 View commit details
    Browse the repository at this point in the history

  14. CIS RHEL9 v2.0.0 - 1.5 Configure Additional Process Hardening

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    2f75821 View commit details
    Browse the repository at this point in the history

  15. CIS RHEL9 v2.0.0 - 1.6 Configure system wide crypto policy

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    96ceda9 View commit details
    Browse the repository at this point in the history

  16. CIS RHEL9 v2.0.0 - 1.7 Configure Command Line Warning Banners

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    e7958a2 View commit details
    Browse the repository at this point in the history

  17. CIS RHEL9 v2.0.0 - 1.8 Configure GNOME Display Manager

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    05e8b26 View commit details
    Browse the repository at this point in the history

  18. CIS RHEL9 v2.0.0 - 1 - Initial Setup - Cleanup

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    606ef8d View commit details
    Browse the repository at this point in the history

  19. CIS RHEL9 v2.0.0 - 2.1 Configure Server Services

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    7faea81 View commit details
    Browse the repository at this point in the history

  20. CIS RHEL9 v2.0.0 - 2.2 Configure Client Services

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    1a77e1d View commit details
    Browse the repository at this point in the history

  21. CIS RHEL9 v2.0.0 - 2.3 Configure Time Synchronization

    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    a5dc7d1 View commit details
    Browse the repository at this point in the history

  22. CIS RHEL9 v2.0.0 - 2.4.1 Configure cron 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    bece9c0 View commit details
    Browse the repository at this point in the history

  23. CIS RHEL9 v2.0.0 - 2.4.2 Configure at 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    2f6b328 View commit details
    Browse the repository at this point in the history

  24. CIS RHEL9 v2.0.0 - 2 - Services - Cleanup 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    692578b View commit details
    Browse the repository at this point in the history

  25. CIS RHEL9 v2.0.0 - 3.1 Configure Network Devices 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    6d27cdc View commit details
    Browse the repository at this point in the history

  26. CIS RHEL9 v2.0.0 - 3.2 Configure Network Kernel Modules 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    d176b4f View commit details
    Browse the repository at this point in the history

  27. CIS RHEL9 v2.0.0 - 3.3 Configure Network Kernel Parameters 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    3c0d43d View commit details
    Browse the repository at this point in the history

  28. CIS RHEL9 v2.0.0 - 4.1 Configure a firewall utility 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    6b57fbb View commit details
    Browse the repository at this point in the history

  29. CIS RHEL9 v2.0.0 - 4.2 Configure FirewallD 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    2feb1e3 View commit details
    Browse the repository at this point in the history

  30. CIS RHEL9 v2.0.0 - 4.3 Configure NFTables 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    a1a70dc View commit details
    Browse the repository at this point in the history

  31. CIS RHEL9 v2.0.0 - 4 Host Based Firewall - Cleanup 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    83adb13 View commit details
    Browse the repository at this point in the history

  32. CIS RHEL9 v2.0.0 - 5.1 Configure SSH Server 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    01c0a74 View commit details
    Browse the repository at this point in the history

  33. CIS RHEL9 v2.0.0 - 5.2 Configure privilege escalation 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    c9c0d30 View commit details
    Browse the repository at this point in the history

  34. CIS RHEL9 v2.0.0 - 5.3.1 Configure PAM software packages 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    325e8b7 View commit details
    Browse the repository at this point in the history

  35. CIS RHEL9 v2.0.0 - 5.3.2 Configure authselect 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    11cce12 View commit details
    Browse the repository at this point in the history

  36. CIS RHEL9 v2.0.0 - 5.3.3.1 Configure pam_faillock module 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    01d68fe View commit details
    Browse the repository at this point in the history

  37. CIS RHEL9 v2.0.0 - 5.3.3.2 Configure pam_pwquality module 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    7469a3f View commit details
    Browse the repository at this point in the history

  38. CIS RHEL9 v2.0.0 - 5.3.3.3 Configure pam_pwhistory module 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    833a602 View commit details
    Browse the repository at this point in the history

  39. CIS RHEL9 v2.0.0 - 5.3.3.4 Configure pam_unix module 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    ddd8759 View commit details
    Browse the repository at this point in the history

  40. CIS RHEL9 v2.0.0 - 5.4.1 Configure shadow password suite parameters 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    17e9763 View commit details
    Browse the repository at this point in the history

  41. CIS RHEL9 v2.0.0 - 5.4.2 Configure root and system accounts and envir… 

    …onment

Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    e88c32a View commit details
    Browse the repository at this point in the history

  42. CIS RHEL9 v2.0.0 - 5.4.3 Configure user default environment 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    ef0c90f View commit details
    Browse the repository at this point in the history

  43. CIS RHEL9 v2.0.0 - 6.1 Configure Integrity Checking 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    4d88d52 View commit details
    Browse the repository at this point in the history

  44. CIS RHEL9 v2.0.0 - 6.2.1 Configure systemd-journald service 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    258eb01 View commit details
    Browse the repository at this point in the history

  45. CIS RHEL9 v2.0.0 - 6.2.2.1 Configure systemd-journal-remote 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    c932e11 View commit details
    Browse the repository at this point in the history

  46. CIS RHEL9 v2.0.0 - 6.2.2 Configure journald 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    eb51b88 View commit details
    Browse the repository at this point in the history

  47. CIS RHEL9 v2.0.0 - 6.2.3 Configure rsyslog 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    c995a57 View commit details
    Browse the repository at this point in the history

  48. CIS RHEL9 v2.0.0 - 6.2.4 Configure Logfiles 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    287d417 View commit details
    Browse the repository at this point in the history

  49. CIS RHEL9 v2.0.0 - 6.3.1 Configure auditd Service 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    f55d0d3 View commit details
    Browse the repository at this point in the history

  50. CIS RHEL9 v2.0.0 - 6.3.2 Configure Data Retention 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    25aaf52 View commit details
    Browse the repository at this point in the history

  51. CIS RHEL9 v2.0.0 - 6.3.3 Configure auditd Rules 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    5f8587f View commit details
    Browse the repository at this point in the history

  52. CIS RHEL9 v2.0.0 - 6.3.4 Configure auditd File Access 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    94901a7 View commit details
    Browse the repository at this point in the history

  53. CIS RHEL9 v2.0.0 - 7.1 System File Permissions 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    58ca799 View commit details
    Browse the repository at this point in the history

  54. CIS RHEL9 v2.0.0 - 7.2 Local User and Group Settings 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    e45c939 View commit details
    Browse the repository at this point in the history

  55. CIS RHEL9 v2.0.0 - Update version in control file 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    e04b264 View commit details
    Browse the repository at this point in the history

  56. Include CCEs in rules selected by CIS RHEL9 v2.0.0 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    b2469fe View commit details
    Browse the repository at this point in the history

  57. Update references for profile stability tests 

    CIS RHEL9 v2.0.0
    @marcusburghardt
    marcusburghardt committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    53b28bf View commit details
    Browse the repository at this point in the history

Commits on Jun 18, 2024

  1. Update CIS profiles descriptions for RHEL9 

    Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 18, 2024
    Configuration menu
    Copy the full SHA
    ea4e438 View commit details
    Browse the repository at this point in the history

Commits on Jun 19, 2024

  1. CIS RHEL9 v2.0.0 - Adjust conflicting requirements 

    There are conflicting requirements regarding journald and rsyslog.
JournalD is the default preference for RHEL 9.

Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 19, 2024
    Configuration menu
    Copy the full SHA
    897a643 View commit details
    Browse the repository at this point in the history

  2. Update references for profile stability tests 

    CIS RHEL 9 v2.0.0

Signed-off-by: Marcus Burghardt <[email protected]>
    @marcusburghardt
    marcusburghardt committed Jun 19, 2024
    Configuration menu
    Copy the full SHA
    122b7f9 View commit details
    Browse the repository at this point in the history

Commits on Jun 26, 2024

  1. Ensure rules in rhel9 datastream 

    Ensure rules no longer used in RHEL 9 profiles are kept in the
Datastream to avoid breaking eventual tailoring files.
    @marcusburghardt
    marcusburghardt committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    fc85059 View commit details
    Browse the repository at this point in the history