Skip to content

Commit

Permalink
Merge pull request ComplianceAsCode#11445 from marcusburghardt/cis_rh…
Browse files Browse the repository at this point in the history
…el8_3

Review CIS RHEL8 v3.0.0 Section 1 - Initial Setup
  • Loading branch information
jan-cerny authored Jan 17, 2024
2 parents ff54ff4 + 6f4fa95 commit 7b68e78
Show file tree
Hide file tree
Showing 83 changed files with 349 additions and 259 deletions.
452 changes: 270 additions & 182 deletions controls/cis_rhel8.yml

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ references:
cis@alinux2: 1.4.2
cis@alinux3: 1.5.3
cis@rhel7: 1.4.3
cis@rhel8: 1.4.3
cis@sle12: 1.5.3
cis@sle15: 1.5.3
cobit5: DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.06,DSS06.10
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,openembedded,rhcos

title: 'Require Authentication for Single User Mode'


description: |-
Single-user mode is intended as a system recovery
method, providing a single user root access to the system by
Expand Down Expand Up @@ -33,7 +32,6 @@ references:
cis@alinux2: 1.4.2
cis@alinux3: 1.5.3
cis@rhel7: 1.4.3
cis@rhel8: 1.4.3
cis@sle12: 1.5.3
cis@sle15: 1.5.3
cobit5: DSS05.02,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.06,DSS06.10
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cis@sle12: 1.5.2
cis@sle15: 1.5.2
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ references:
ccn@rhel9: A.6.SEC-RHEL2
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cis@sle12: 1.5.2
cis@sle15: 1.5.2
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ references:
ccn@rhel9: A.6.SEC-RHEL2
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cis@sle12: 1.5.2
cis@sle15: 1.5.2
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ references:
ccn@rhel9: A.6.SEC-RHEL2
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
cui: 3.4.5
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ references:
cis-csc: 1,11,12,14,15,16,18,3,5
cis@alinux3: 1.5.1
cis@rhel7: 1.4.1
cis@rhel8: 1.4.1
cis@rhel8: 1.3.1
cis@rhel9: 1.4.1
cis@sle12: 1.5.1
cis@sle15: 1.5.1
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ references:
cis@alinux2: 1.4.1
cis@alinux3: 1.5.2
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
cui: 3.4.5
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 1.4.2
cis@rhel8: 1.4.2
cis@rhel8: 1.3.2
cis@rhel9: 1.4.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
cui: 3.4.5
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ references:
cis-csc: 11,12,14,15,16,18,3,5
cis@alinux3: 1.5.1
cis@rhel7: 1.4.1
cis@rhel8: 1.4.1
cis@rhel8: 1.3.1
cis@rhel9: 1.4.1
cis@sle12: 1.5.1
cis@sle15: 1.5.1
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,12 @@ severity: low
identifiers:
cce@rhcos4: CCE-82713-9
cce@rhel7: CCE-80138-1
cce@rhel8: CCE-86615-2

references:
cis-csc: 11,14,3,9
cis@rhel7: 1.1.1.2
cis@rhel8: 1.1.1.2
cis@ubuntu2004: 1.1.1.2
cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06
cui: 3.4.6
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,12 @@ severity: low
identifiers:
cce@rhcos4: CCE-82714-7
cce@rhel7: CCE-80140-7
cce@rhel8: CCE-86616-0

references:
cis-csc: 11,14,3,9
cis@rhel7: 1.1.1.4
cis@rhel8: 1.1.1.3
cis@ubuntu2004: 1.1.1.4
cis@ubuntu2204: 1.1.1.4
cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,12 @@ severity: low
identifiers:
cce@rhcos4: CCE-82715-4
cce@rhel7: CCE-80141-5
cce@rhel8: CCE-86617-8

references:
cis-csc: 11,14,3,9
cis@rhel7: 1.1.1.5
cis@rhel8: 1.1.1.4
cis@ubuntu2004: 1.1.1.5
cis@ubuntu2204: 1.1.1.5
cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,12 @@ severity: low
identifiers:
cce@rhcos4: CCE-82716-2
cce@rhel7: CCE-80139-9
cce@rhel8: CCE-86618-6

references:
cis-csc: 11,14,3,9
cis@rhel7: 1.1.1.3
cis@rhel8: 1.1.1.5
cis@ubuntu2004: 1.1.1.3
cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS06.06
cui: 3.4.6
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ references:
cis@alinux2: 1.1.1
cis@alinux3: 1.1.1.2
cis@rhel7: 1.1.1.2
cis@rhel8: 1.1.1.2
cis@rhel8: 1.1.1.6
cis@rhel9: 1.1.1.1
cis@sle12: 1.1.1.1
cis@sle15: 1.1.1.1
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ references:
cis-csc: 11,14,3,9
cis@alinux3: 1.1.1.3
cis@rhel7: 1.1.1.3
cis@rhel8: 1.1.1.3
cis@rhel8: 1.1.1.7
cis@rhel9: 1.1.1.2
cis@sle12: 1.1.1.2
cis@sle15: 1.1.1.2
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ references:
cis-csc: 1,12,15,16,5
cis@alinux3: 1.1.10
cis@rhel7: 1.1.24
cis@rhel8: 1.1.10
cis@rhel8: 1.1.1.8
cis@rhel9: 1.1.9
cis@sle12: 1.1.23
cis@sle15: 1.1.23
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,6 @@ references:
cis@alinux2: 1.1.19
cis@alinux3: 1.1.9
cis@rhel7: 1.1.23
cis@rhel8: 1.1.9
cis@sle12: 1.1.23
cis@sle15: 1.1.23
cis@ubuntu1804: 1.1.21
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ references:
cis@alinux2: 1.1.15
cis@alinux3: 1.1.8.1
cis@rhel7: 1.1.8
cis@rhel8: 1.1.8.1
cis@rhel8: 1.1.2.2.2
cis@rhel9: 1.1.8.2
cis@sle12: 1.1.8
cis@sle15: 1.1.8
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ references:
cis-csc: 11,13,14,3,8,9
cis@alinux2: 1.1.17
cis@rhel7: 1.1.7
cis@rhel8: 1.1.8.2
cis@rhel8: 1.1.2.2.4
cis@rhel9: 1.1.8.3
cis@sle12: 1.1.7
cis@sle15: 1.1.7
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ references:
cis@alinux2: 1.1.16
cis@alinux3: 1.1.8.3
cis@rhel7: 1.1.9
cis@rhel8: 1.1.8.3
cis@rhel8: 1.1.2.2.3
cis@rhel9: 1.1.8.4
cis@sle12: 1.1.9
cis@sle15: 1.1.9
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ identifiers:
cce@rhel9: CCE-86042-9

references:
cis@rhel8: 1.1.7.5
nist: CM-6(b)

{{{ complete_ocil_entry_mount_option("/home", "grpquota") }}}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ references:
cis@alinux2: 1.1.14
cis@alinux3: 1.1.7.2
cis@rhel7: 1.1.18
cis@rhel8: 1.1.7.2
cis@rhel8: 1.1.2.3.2
cis@rhel9: 1.1.7.2
cis@sle12: 1.1.18
cis@sle15: 1.1.18
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ references:
anssi: BP28(R28)
cis-csc: 11,13,14,3,8,9
cis@alinux3: 1.1.7.3
cis@rhel8: 1.1.7.3
cis@rhel8: 1.1.2.3.3
cis@rhel9: 1.1.7.3
cis@ubuntu2204: 1.1.7.3
cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS05.02,DSS05.05,DSS05.06,DSS06.06
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,8 @@ identifiers:
cce@rhel9: CCE-86036-1

references:
cis@rhel8: 1.1.7.4
nist: CM-6(b)



{{{ complete_ocil_entry_mount_option("/home", "usrquota") }}}

fixtext: '{{{ fixtext_mount_option("/home", "usrquota") }}}'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ references:
cis@alinux2: 1.1.3
cis@alinux3: 1.1.2.2
cis@rhel7: 1.1.4
cis@rhel8: 1.1.2.2
cis@rhel8: 1.1.2.1.2
cis@rhel9: 1.1.2.2
cis@sle12: 1.1.4
cis@sle15: 1.1.4
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ references:
cis@alinux2: 1.1.5
cis@alinux3: 1.1.2.3
cis@rhel7: 1.1.3
cis@rhel8: 1.1.2.3
cis@rhel8: 1.1.2.1.4
cis@rhel9: 1.1.2.3
cis@sle12: 1.1.3
cis@sle15: 1.1.3
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ references:
cis@alinux2: 1.1.4
cis@alinux3: 1.1.2.4
cis@rhel7: 1.1.5
cis@rhel8: 1.1.2.4
cis@rhel8: 1.1.2.1.3
cis@rhel9: 1.1.2.4
cis@sle12: 1.1.5
cis@sle15: 1.1.5
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ identifiers:
cce@rhel9: CCE-83882-1

references:
cis@rhel8: 1.1.6.3
cis@rhel8: 1.1.2.7.2
cis@rhel9: 1.1.6.3
cis@ubuntu2204: 1.1.6.3
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ identifiers:
cce@rhel9: CCE-83878-9

references:
cis@rhel8: 1.1.6.2
cis@rhel8: 1.1.2.7.4
cis@rhel9: 1.1.6.2
cis@ubuntu2204: 1.1.6.2
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ identifiers:
cce@rhel9: CCE-83893-8

references:
cis@rhel8: 1.1.6.4
cis@rhel8: 1.1.2.7.3
cis@rhel9: 1.1.6.4
cis@ubuntu2204: 1.1.6.4
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ identifiers:
cce@rhel9: CCE-83886-2

references:
cis@rhel8: 1.1.5.2
cis@rhel8: 1.1.2.6.2
cis@rhel9: 1.1.5.2
cis@ubuntu2204: 1.1.5.2
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ identifiers:

references:
anssi: BP28(R12)
cis@rhel8: 1.1.5.3
cis@rhel8: 1.1.2.6.4
cis@rhel9: 1.1.5.3
cis@ubuntu2204: 1.1.5.3
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ identifiers:

references:
anssi: BP28(R12)
cis@rhel8: 1.1.5.4
cis@rhel8: 1.1.2.6.3
cis@rhel9: 1.1.5.4
cis@ubuntu2204: 1.1.5.4
disa: CCI-001764
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ identifiers:
cce@rhel9: CCE-83868-0

references:
cis@rhel8: 1.1.3.2
cis@rhel8: 1.1.2.4.2
cis@rhel9: 1.1.3.2
cis@ubuntu2204: 1.1.3.2
nerc-cip: CIP-003-8 R5.1.1,CIP-003-8 R5.3,CIP-004-6 R2.3,CIP-007-3 R2.1,CIP-007-3 R2.2,CIP-007-3 R2.3,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@ identifiers:
references:
anssi: BP28(R12)
cis@alinux3: 1.1.3.2
cis@rhel8: 1.1.3.3

platform: machine and mount[var]

Expand Down
Loading

0 comments on commit 7b68e78

Please sign in to comment.