From b40d1dde32d0a6d36ece7d7b14291ecb9703c9f8 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Fri, 6 Sep 2024 16:29:55 +0200 Subject: [PATCH 1/5] Remove rules from RHEL10 OSPP profile that are not present in RHEL9. The RHEL10 OSPP should be heavily based on the contents of the RHEL9 OSPP profile. The OSPP control file was created based on the "ospp" references coming from rules. If a rule had a reference assigned, then it would be included in the control. --- controls/ospp.yml | 192 +----------------- .../package_gnutls-utils_installed/rule.yml | 2 +- 2 files changed, 8 insertions(+), 186 deletions(-) diff --git a/controls/ospp.yml b/controls/ospp.yml index 1734ed07b35..42327f4dc0e 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -28,9 +28,7 @@ controls: - base rules: - auditd_freq - - auditd_local_events - grub2_audit_argument - - package_audit-libs_installed - package_audit_installed - audit_basic_configuration - service_auditd_enabled @@ -42,95 +40,6 @@ controls: levels: - base rules: - - audit_rules_dac_modification_chmod - - audit_rules_dac_modification_chown - - audit_rules_dac_modification_fchmod - - audit_rules_dac_modification_fchmodat - - audit_rules_dac_modification_fchown - - audit_rules_dac_modification_fchownat - - audit_rules_dac_modification_fremovexattr - - audit_rules_dac_modification_fsetxattr - - audit_rules_dac_modification_lchown - - audit_rules_dac_modification_lremovexattr - - audit_rules_dac_modification_lsetxattr - - audit_rules_dac_modification_removexattr - - audit_rules_dac_modification_setxattr - - audit_rules_execution_chcon - - audit_rules_execution_restorecon - - audit_rules_execution_semanage - - audit_rules_execution_setsebool - - audit_rules_execution_seunshare - - audit_rules_file_deletion_events - - audit_rules_file_deletion_events_rename - - audit_rules_file_deletion_events_renameat - - audit_rules_file_deletion_events_rmdir - - audit_rules_file_deletion_events_unlink - - audit_rules_file_deletion_events_unlinkat - - audit_rules_unsuccessful_file_modification_creat - - audit_rules_unsuccessful_file_modification_ftruncate - - audit_rules_unsuccessful_file_modification_open - - audit_rules_unsuccessful_file_modification_open_by_handle_at - - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat - - audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write - - audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order - - audit_rules_unsuccessful_file_modification_open_o_creat - - audit_rules_unsuccessful_file_modification_open_o_trunc_write - - audit_rules_unsuccessful_file_modification_open_rule_order - - audit_rules_unsuccessful_file_modification_openat - - audit_rules_unsuccessful_file_modification_openat_o_creat - - audit_rules_unsuccessful_file_modification_openat_o_trunc_write - - audit_rules_unsuccessful_file_modification_openat_rule_order - - audit_rules_unsuccessful_file_modification_rename - - audit_rules_unsuccessful_file_modification_renameat - - audit_rules_unsuccessful_file_modification_truncate - - audit_rules_unsuccessful_file_modification_unlink - - audit_rules_unsuccessful_file_modification_unlinkat - - audit_rules_kernel_module_loading_delete - - audit_rules_kernel_module_loading_finit - - audit_rules_kernel_module_loading_init - - audit_rules_login_events_faillock - - audit_rules_login_events_lastlog - - audit_rules_login_events_tallylog - - audit_rules_privileged_commands_at - - audit_rules_privileged_commands_gpasswd - - audit_rules_privileged_commands_mount - - audit_rules_privileged_commands_newgidmap - - audit_rules_privileged_commands_newgrp - - audit_rules_privileged_commands_newuidmap - - audit_rules_privileged_commands_passwd - - audit_rules_privileged_commands_ssh_keysign - - audit_rules_privileged_commands_su - - audit_rules_privileged_commands_sudo - - audit_rules_privileged_commands_sudoedit - - audit_rules_privileged_commands_unix2_chkpwd - - audit_rules_privileged_commands_unix_chkpwd - - audit_rules_privileged_commands_userhelper - - audit_rules_privileged_commands_usernetctl - - audit_rules_etc_group_open - - audit_rules_etc_group_open_by_handle_at - - audit_rules_etc_group_openat - - audit_rules_etc_gshadow_open - - audit_rules_etc_gshadow_open_by_handle_at - - audit_rules_etc_gshadow_openat - - audit_rules_etc_passwd_open - - audit_rules_etc_passwd_open_by_handle_at - - audit_rules_etc_passwd_openat - - audit_rules_etc_shadow_open - - audit_rules_etc_shadow_open_by_handle_at - - audit_rules_etc_shadow_openat - - audit_rules_mac_modification - - audit_rules_mac_modification_usr_share - - audit_rules_session_events - - audit_rules_sysadmin_actions - - audit_rules_usergroup_modification_group - - audit_rules_usergroup_modification_gshadow - - audit_rules_usergroup_modification_opasswd - - audit_rules_usergroup_modification_passwd - - audit_rules_usergroup_modification_shadow - - directory_access_var_log_audit - - auditd_audispd_configure_remote_server - - auditd_audispd_encrypt_sent_records - - auditd_audispd_syslog_plugin_activated - audit_access_failed - audit_access_failed_aarch64 - audit_access_failed_ppc64le @@ -172,9 +81,6 @@ controls: - audit_perm_change_success - audit_perm_change_success_aarch64 - audit_perm_change_success_ppc64le - - audit_rules_for_ospp - - rsyslog_cron_logging - - rsyslog_remote_loghost status: automated - id: FAU_GEN.1.2 title: 'Audit Data Generation - Audit Event Format' @@ -192,7 +98,6 @@ controls: levels: - base rules: - - auditd_write_logs - grub2_audit_backlog_limit_argument - zipl_audit_backlog_limit_argument status: automated @@ -216,10 +121,7 @@ controls: title: 'Cryptographic Key Generation - asymmetric cryptographic' levels: - base - rules: - - ssh_client_use_strong_rng_csh - - ssh_client_use_strong_rng_sh - status: automated + status: pending - id: FCS_CKM.2 title: 'Cryptographic Key Establishment' levels: @@ -267,24 +169,11 @@ controls: - enable_fips_mode status: automated - - id: FCS_IPSEC_EXT.1.4 - levels: - - base - rules: - - configure_libreswan_crypto_policy - status: automated - - id: FCS_IPSEC_EXT.1.6 - levels: - - base - rules: - - configure_libreswan_crypto_policy - status: automated - id: FCS_RBG_EXT.1 title: 'Random Bit Generation' levels: - base rules: - - service_rngd_enabled - enable_dracut_fips_module - enable_fips_mode status: automated @@ -292,18 +181,13 @@ controls: title: 'Random Bit Generation - deterministic random bit generation' levels: - base - rules: - - grub2_kernel_trust_cpu_rng - status: automated + status: pending - id: FCS_RBG_EXT.1.2 title: 'Random Bit Generation - entropy source' levels: - base - rules: - - sshd_use_strong_rng - - openssl_use_strong_entropy - status: automated + status: pending - id: FCS_SSHC_EXT.1 title: 'SSH Client Protocol' @@ -312,7 +196,6 @@ controls: rules: - package_openssh-clients_installed - configure_ssh_crypto_policy - - harden_ssh_client_crypto_policy status: automated - id: FCS_SSHS_EXT.1 title: 'SSH Server Protocol' @@ -321,7 +204,6 @@ controls: rules: - package_openssh-server_installed - configure_ssh_crypto_policy - - harden_sshd_crypto_policy status: automated - id: FCS_SSH_EXT.1 @@ -357,8 +239,6 @@ controls: levels: - base rules: - - rsyslog_remote_tls - - rsyslog_remote_tls_cacert - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode @@ -368,9 +248,7 @@ controls: title: 'Allowed Cipher Suites' levels: - base - rules: - - harden_openssl_crypto_policy - status: automated + status: pending - id: FIA_AFL.1 title: 'Authentication failure handling' levels: @@ -389,25 +267,14 @@ controls: rules: - disable_host_auth - sshd_disable_empty_passwords - - sshd_disable_rhosts - - sshd_disable_rhosts_rsa - - sshd_disable_user_known_hosts - - coreos_disable_interactive_boot - - grub2_disable_interactive_boot - - require_emergency_target_auth - require_singleuser_auth - service_debug-shell_disabled - no_empty_passwords - enable_authselect - grub2_disable_recovery - grub2_systemd_debug-shell_argument_absent - - grub2_admin_username - - grub2_password - - grub2_uefi_admin_username - grub2_uefi_password - zipl_systemd_debug-shell_argument_absent - - gnome_gdm_disable_automatic_login - - gnome_gdm_disable_guest_login status: automated - id: FIA_UAU.5 @@ -432,8 +299,8 @@ controls: levels: - base rules: - - rsyslog_remote_tls - status: automated + - package_gnutls-utils_installed + status: pending - id: FIA_X509_EXT.2 title: 'X.509 Certificate Validation - basicConstraints' @@ -448,28 +315,7 @@ controls: levels: - base rules: - - banner_etc_issue - - dconf_gnome_banner_enabled - - dconf_gnome_login_banner_text - - accounts_passwords_pam_faillock_deny_root - - accounts_passwords_pam_tally2_deny_root - - accounts_passwords_pam_tally2_unlock_time - - accounts_password_pam_retry - - accounts_tmout - - set_firewalld_default_zone - - dconf_gnome_login_retries - - dconf_gnome_screensaver_idle_activation_enabled - - dconf_gnome_screensaver_idle_activation_locked - - dconf_gnome_screensaver_idle_delay - - dconf_gnome_screensaver_lock_delay - - dconf_gnome_screensaver_lock_enabled - - dconf_gnome_screensaver_lock_locked - - dconf_gnome_screensaver_mode_blank - - dconf_gnome_screensaver_user_info - - dconf_gnome_screensaver_user_locks - - dconf_gnome_session_idle_user_locks - package_sudo_installed - - dconf_gnome_disable_user_admin - logind_session_timeout - var_logind_session_timeout=30_minutes status: automated @@ -479,18 +325,12 @@ controls: levels: - base rules: - - package_audispd-plugins_installed - service_fapolicyd_enabled - chronyd_client_only - - chronyd_no_chronyc_network - package_chrony_installed - - sssd_run_as_sssd_user - configure_usbguard_auditbackend - service_usbguard_enabled - - usbguard_allow_hid - usbguard_allow_hid_and_hub - - usbguard_allow_hub - - usbguard_generate_policy - accounts_password_pam_dcredit - accounts_password_pam_lcredit - accounts_password_pam_minlen @@ -498,25 +338,16 @@ controls: - accounts_password_pam_ucredit - package_firewalld_installed - service_firewalld_enabled - - kernel_module_atm_disabled - kernel_module_can_disabled - - kernel_module_firewire-core_disabled - kernel_module_tipc_disabled - - coredump_disable_backtraces - - coredump_disable_storage - service_systemd-coredump_disabled - - sysctl_kernel_core_pattern - sysctl_kernel_core_pattern_empty_string - sysctl_kernel_core_uses_pid - sysctl_kernel_perf_event_paranoid - - sysctl_kernel_unprivileged_bpf_disabled - sysctl_kernel_unprivileged_bpf_disabled_accept_default - - sysctl_net_core_bpf_jit_harden - sysctl_user_max_user_namespaces - partition_for_var_log_audit - - package_nss-tools_installed - dnf-automatic_apply_updates - - dnf-automatic_security_updates_only - timer_dnf-automatic_enabled - logind_session_timeout - var_logind_session_timeout=30_minutes @@ -530,7 +361,6 @@ controls: - service_kdump_disabled - logind_session_timeout - use_pam_wheel_for_su - - rsyslog_remote_tls status: automated - id: FPT_ASLR_EXT.1 @@ -553,7 +383,6 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed status: automated - id: FPT_TUD_EXT.2 @@ -567,7 +396,6 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_redhat_gpgkey_installed - - ensure_suse_gpgkey_installed status: automated - id: FTA_SSL.1 @@ -585,7 +413,6 @@ controls: - base rules: - sshd_enable_warning_banner - - sshd_enable_warning_banner_net status: automated - id: FTP_ITC_EXT.1 @@ -593,7 +420,6 @@ controls: levels: - base rules: - - kerberos_disable_no_keytab - package_openssh-clients_installed - package_openssh-server_installed - sshd_disable_gssapi_auth @@ -604,8 +430,4 @@ controls: title: 'Trusted channel communication - TLS' levels: - base - rules: - - package_rsyslog-gnutls_installed - - package_rsyslog_installed - - rsyslog_remote_tls - status: automated + status: pending diff --git a/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml index f7bd20137c3..18ab75439f9 100644 --- a/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gnutls-utils_installed/rule.yml @@ -22,7 +22,7 @@ identifiers: cce@rhel10: CCE-90403-7 references: - ospp: FIA_X509_EXT.1,FIA_X509_EXT.2 + ospp: FIA_X509_EXT.1,FIA_X509_EXT.1.1,FIA_X509_EXT.2 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'the package is not installed' From 277e69e85f1ea93ad08d9263f571a66d9468e16c Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Fri, 6 Sep 2024 16:56:16 +0200 Subject: [PATCH 2/5] Remove ospp references from rules that are not present in RHEL9 OSPP. --- .../audit_rules_dac_modification_chmod/rule.yml | 1 - .../audit_rules_dac_modification_chown/rule.yml | 1 - .../audit_rules_dac_modification_fchmod/rule.yml | 1 - .../audit_rules_dac_modification_fchmodat/rule.yml | 1 - .../audit_rules_dac_modification_fchown/rule.yml | 1 - .../audit_rules_dac_modification_fchownat/rule.yml | 1 - .../audit_rules_dac_modification_fremovexattr/rule.yml | 1 - .../audit_rules_dac_modification_fsetxattr/rule.yml | 1 - .../audit_rules_dac_modification_lchown/rule.yml | 1 - .../audit_rules_dac_modification_lremovexattr/rule.yml | 1 - .../audit_rules_dac_modification_lsetxattr/rule.yml | 1 - .../audit_rules_dac_modification_removexattr/rule.yml | 1 - .../audit_rules_dac_modification_setxattr/rule.yml | 1 - .../audit_rules_execution_chcon/rule.yml | 1 - .../audit_rules_execution_restorecon/rule.yml | 1 - .../audit_rules_execution_semanage/rule.yml | 1 - .../audit_rules_execution_setsebool/rule.yml | 1 - .../audit_rules_execution_seunshare/rule.yml | 1 - .../audit_rules_file_deletion_events/rule.yml | 1 - .../audit_rules_file_deletion_events_rename/rule.yml | 1 - .../audit_rules_file_deletion_events_renameat/rule.yml | 1 - .../audit_rules_file_deletion_events_rmdir/rule.yml | 1 - .../audit_rules_file_deletion_events_unlink/rule.yml | 1 - .../audit_rules_file_deletion_events_unlinkat/rule.yml | 1 - .../audit_rules_unsuccessful_file_modification_creat/rule.yml | 1 - .../rule.yml | 1 - .../audit_rules_unsuccessful_file_modification_open/rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../rule.yml | 1 - .../audit_rules_kernel_module_loading_delete/rule.yml | 1 - .../audit_rules_kernel_module_loading_finit/rule.yml | 1 - .../audit_rules_kernel_module_loading_init/rule.yml | 1 - .../audit_rules_login_events_faillock/rule.yml | 1 - .../audit_rules_login_events_lastlog/rule.yml | 1 - .../audit_rules_login_events_tallylog/rule.yml | 1 - .../audit_rules_privileged_commands_at/rule.yml | 1 - .../audit_rules_privileged_commands_gpasswd/rule.yml | 1 - .../audit_rules_privileged_commands_mount/rule.yml | 1 - .../audit_rules_privileged_commands_newgidmap/rule.yml | 1 - .../audit_rules_privileged_commands_newgrp/rule.yml | 1 - .../audit_rules_privileged_commands_newuidmap/rule.yml | 1 - .../audit_rules_privileged_commands_passwd/rule.yml | 1 - .../audit_rules_privileged_commands_ssh_keysign/rule.yml | 1 - .../audit_rules_privileged_commands_su/rule.yml | 1 - .../audit_rules_privileged_commands_sudo/rule.yml | 1 - .../audit_rules_privileged_commands_sudoedit/rule.yml | 1 - .../audit_rules_privileged_commands_unix2_chkpwd/rule.yml | 1 - .../audit_rules_privileged_commands_unix_chkpwd/rule.yml | 1 - .../audit_rules_privileged_commands_userhelper/rule.yml | 1 - .../audit_rules_privileged_commands_usernetctl/rule.yml | 1 - .../audit_rules_etc_group_open/rule.yml | 1 - .../audit_rules_etc_group_open_by_handle_at/rule.yml | 1 - .../audit_rules_etc_group_openat/rule.yml | 1 - .../audit_rules_etc_gshadow_open/rule.yml | 1 - .../audit_rules_etc_gshadow_open_by_handle_at/rule.yml | 1 - .../audit_rules_etc_gshadow_openat/rule.yml | 1 - .../audit_rules_etc_passwd_open/rule.yml | 1 - .../audit_rules_etc_passwd_open_by_handle_at/rule.yml | 1 - .../audit_rules_etc_passwd_openat/rule.yml | 1 - .../audit_rules_etc_shadow_open/rule.yml | 1 - .../audit_rules_etc_shadow_open_by_handle_at/rule.yml | 1 - .../audit_rules_etc_shadow_openat/rule.yml | 1 - .../audit_rules_mac_modification/rule.yml | 1 - .../audit_rules_mac_modification_usr_share/rule.yml | 1 - .../audit_rules_session_events/rule.yml | 1 - .../audit_rules_sysadmin_actions/rule.yml | 1 - .../audit_rules_usergroup_modification_group/rule.yml | 1 - .../audit_rules_usergroup_modification_gshadow/rule.yml | 1 - .../audit_rules_usergroup_modification_opasswd/rule.yml | 1 - .../audit_rules_usergroup_modification_passwd/rule.yml | 1 - .../audit_rules_usergroup_modification_shadow/rule.yml | 1 - .../directory_access_var_log_audit/rule.yml | 1 - .../auditd_audispd_configure_remote_server/rule.yml | 1 - .../auditd_audispd_encrypt_sent_records/rule.yml | 1 - .../auditd_audispd_syslog_plugin_activated/rule.yml | 1 - .../auditd_local_events/rule.yml | 1 - .../auditd_write_logs/rule.yml | 1 - .../guide/auditing/package_audispd-plugins_installed/rule.yml | 1 - linux_os/guide/auditing/package_audit-libs_installed/rule.yml | 1 - .../guide/auditing/policy_rules/audit_rules_for_ospp/rule.yml | 1 - .../services/kerberos/kerberos_disable_no_keytab/rule.yml | 1 - .../guide/services/ntp/chronyd_no_chronyc_network/rule.yml | 1 - linux_os/guide/services/rng/service_rngd_enabled/rule.yml | 1 - .../ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml | 1 - .../ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml | 1 - .../services/ssh/ssh_server/sshd_disable_rhosts/rule.yml | 1 - .../services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml | 1 - .../ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml | 1 - .../ssh/ssh_server/sshd_enable_warning_banner_net/rule.yml | 1 - .../services/ssh/ssh_server/sshd_use_strong_rng/rule.yml | 1 - linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml | 1 - linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml | 1 - linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml | 1 - .../guide/services/usbguard/usbguard_generate_policy/rule.yml | 1 - .../accounts/accounts-banners/banner_etc_issue/rule.yml | 1 - .../gui_login_banner/dconf_gnome_banner_enabled/rule.yml | 1 - .../gui_login_banner/dconf_gnome_login_banner_text/rule.yml | 1 - .../accounts_passwords_pam_faillock_deny_root/rule.yml | 1 - .../accounts_passwords_pam_tally2_deny_root/rule.yml | 1 - .../accounts_passwords_pam_tally2_unlock_time/rule.yml | 1 - .../accounts_password_pam_retry/rule.yml | 1 - .../coreos_disable_interactive_boot/rule.yml | 1 - .../accounts-physical/grub2_disable_interactive_boot/rule.yml | 1 - .../accounts-physical/require_emergency_target_auth/rule.yml | 1 - .../system/accounts/accounts-session/accounts_tmout/rule.yml | 1 - .../bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml | 1 - .../bootloader-grub2/non-uefi/grub2_admin_username/rule.yml | 1 - .../system/bootloader-grub2/non-uefi/grub2_password/rule.yml | 1 - .../bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml | 1 - .../rsyslog_cron_logging/rule.yml | 1 - .../system/logging/package_rsyslog-gnutls_installed/rule.yml | 1 - .../guide/system/logging/package_rsyslog_installed/rule.yml | 1 - .../rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml | 1 - .../rsyslog_sending_messages/rsyslog_remote_tls/rule.yml | 1 - .../rsyslog_remote_tls_cacert/rule.yml | 1 - .../ruleset_modifications/set_firewalld_default_zone/rule.yml | 1 - .../network-uncommon/kernel_module_atm_disabled/rule.yml | 1 - .../kernel_module_firewire-core_disabled/rule.yml | 1 - .../coredumps/coredump_disable_backtraces/rule.yml | 1 - .../restrictions/coredumps/coredump_disable_storage/rule.yml | 1 - .../restrictions/sysctl_kernel_core_pattern/rule.yml | 1 - .../sysctl_kernel_unprivileged_bpf_disabled/rule.yml | 1 - .../restrictions/sysctl_net_core_bpf_jit_harden/rule.yml | 1 - .../gnome_login_screen/dconf_gnome_login_retries/rule.yml | 1 - .../gnome_gdm_disable_automatic_login/rule.yml | 1 - .../gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml | 1 - .../dconf_gnome_screensaver_idle_activation_enabled/rule.yml | 1 - .../dconf_gnome_screensaver_idle_activation_locked/rule.yml | 1 - .../dconf_gnome_screensaver_idle_delay/rule.yml | 1 - .../dconf_gnome_screensaver_lock_delay/rule.yml | 1 - .../dconf_gnome_screensaver_lock_enabled/rule.yml | 1 - .../dconf_gnome_screensaver_lock_locked/rule.yml | 1 - .../dconf_gnome_screensaver_mode_blank/rule.yml | 1 - .../dconf_gnome_screensaver_user_info/rule.yml | 4 +--- .../dconf_gnome_screensaver_user_locks/rule.yml | 1 - .../dconf_gnome_session_idle_user_locks/rule.yml | 1 - .../dconf_gnome_disable_user_admin/rule.yml | 1 - .../crypto/configure_libreswan_crypto_policy/rule.yml | 1 - .../integrity/crypto/harden_openssl_crypto_policy/rule.yml | 1 - .../integrity/crypto/harden_ssh_client_crypto_policy/rule.yml | 1 - .../integrity/crypto/harden_sshd_crypto_policy/rule.yml | 1 - .../integrity/crypto/openssl_use_strong_entropy/rule.yml | 1 - .../system-tools/package_nss-tools_installed/rule.yml | 1 - .../updating/dnf-automatic_security_updates_only/rule.yml | 1 - .../software/updating/ensure_suse_gpgkey_installed/rule.yml | 1 - 159 files changed, 1 insertion(+), 161 deletions(-) diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml index fd8bf4e345a..b1f28594286 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml @@ -54,7 +54,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml index eb9a71a7bbd..89025c6fde9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml @@ -54,7 +54,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml index 87c9909cdee..a46ebc17832 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml @@ -52,7 +52,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml index 81b53a1cfcb..9562c8dd8e6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml @@ -51,7 +51,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml index ebb226f25ce..ca736b8ab16 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml @@ -54,7 +54,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml index f5ab89e0947..6626ecad36d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml @@ -51,7 +51,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml index 335f10729ea..5c4013706bc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml @@ -69,7 +69,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml index 9756ead9eeb..45a27f73d8b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml @@ -63,7 +63,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml index e1b34de4556..c7ffbfb4fae 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml @@ -55,7 +55,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml index 240ad18ff3b..611f7c8b644 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml @@ -68,7 +68,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml index 574ecc36d75..1e73f25ba0e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml @@ -63,7 +63,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml index 9c88331a0ed..e30fa238fb3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml @@ -67,7 +67,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml index 8c8f9b4dfd1..9c10dfebd49 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml @@ -63,7 +63,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000466-GPOS-00210,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030440 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml index 2fe1d208136..3e4f18339e4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml @@ -56,7 +56,6 @@ references: nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a) nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii)AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030580 stigid@ol8: OL08-00-030260 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml index ecf5cc94c49..2dd972a1576 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml @@ -51,7 +51,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000392-GPOS-00172,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209 {{{ ocil_fix_srg_privileged_command("restorecon", "/usr/sbin/") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml index 7f9a6d07e84..42e60ffdb23 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml @@ -53,7 +53,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030560 stigid@ol8: OL08-00-030313 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml index 7373a058f33..ec82b9c27e0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml @@ -52,7 +52,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030570 stigid@ol8: OL08-00-030316 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml index 83c97ec3e19..ef6ea98e5cf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml @@ -43,7 +43,6 @@ identifiers: references: disa: CCI-000172 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil: |- To verify that execution of the command is being audited, run the following command: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml index 87dd621824c..35773eb8e6a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml @@ -42,7 +42,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 ocil: |- diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml index 7c58ae36280..f6ba9e59476 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml @@ -49,7 +49,6 @@ references: iso27001-2013: A.11.2.4,A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.1.1,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.MA-2,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml index 584aba62b3c..982ca74502c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml @@ -46,7 +46,6 @@ references: iso27001-2013: A.11.2.4,A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.1.1,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.MA-2,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml index 0be8a777396..8c75354f68b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml @@ -45,7 +45,6 @@ references: iso27001-2013: A.11.2.4,A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.1.1,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.MA-2,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml index 4a3ea244fe5..b6ed836e89b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml @@ -49,7 +49,6 @@ references: iso27001-2013: A.11.2.4,A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.1.1,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.MA-2,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml index 1f244c22ca4..aaedeae22c4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml @@ -46,7 +46,6 @@ references: iso27001-2013: A.11.2.4,A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.1.1,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.MA-2,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml index 3ce85736bbf..5ef286456b2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -58,7 +58,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml index 1a2e8872ef0..16611980b3f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -58,7 +58,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml index 44f9986d4a7..a50b072e59a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -62,7 +62,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml index 75ccce65abd..218c32fd8f9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -51,7 +51,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(c),AU-12.1(iv),AU-12(a),AU-12.1(ii),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml index 673b96cbf49..2bd585b36d8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml @@ -54,7 +54,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml index 23f6edf9ce7..ff18f630655 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml @@ -53,7 +53,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml index 1a45fd3db98..589df34cf70 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml @@ -61,7 +61,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml index 43492ff2521..e26af4254a4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml @@ -57,7 +57,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml index a805703417d..98293145eb4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml @@ -52,7 +52,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml index 1331149bd6a..a31e7f893f1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml @@ -64,7 +64,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml index ea27ed7aef2..89e9c4d4822 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -58,7 +58,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(a),AU-12.1(ii),AU-12(c),AU-12.1(iv),AU-3,AU-3.1,MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml index f59b58fbf23..f8cf15f1234 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml @@ -54,7 +54,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml index e3d24c34c65..b46d4fd5431 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml @@ -53,7 +53,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml index f57dc26fc0d..daf0ea5b231 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml @@ -61,7 +61,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000392-GPOS-00172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml index a8088acd914..9062e975363 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml @@ -49,7 +49,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(c),AU-12.1(iv) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000468-GPOS-00212,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@sle12: SLES-12-020411 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml index 36c3c1d24d0..e0feb4153f1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml @@ -56,7 +56,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(c),AU-12.1(iv) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000468-GPOS-00212,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@sle12: SLES-12-020411 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml index b7dfb97bc94..b3b65383f11 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml @@ -57,7 +57,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml index 51d8427f3a1..98c1b2a89f6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml @@ -62,7 +62,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(c),AU-12.1(iv) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000468-GPOS-00212,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@sle12: SLES-12-020411 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml index 5a7cf019d9f..9f7400e13da 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml @@ -59,7 +59,6 @@ references: nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-12(c),AU-12.1(iv) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.4,Req-10.2.1 srg: SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000468-GPOS-00212,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@sle12: SLES-12-020411 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml index accfc475ba1..794549752ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -51,7 +51,6 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030830 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml index be7b32afdab..a19d38c58b4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -50,7 +50,6 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml index f011b9f9961..706be1c0c86 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -50,7 +50,6 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.7 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml index b7b7ab66c6f..5cd63a23d11 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml @@ -45,7 +45,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030610 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml index 28629ad6e42..0c444bd7372 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -47,7 +47,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214,SRG-APP-000495-CTR-001235,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030620 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml index d257163fb2a..46e1b505446 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml @@ -46,7 +46,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218,SRG-APP-000503-CTR-001275 stigid@sle12: SLES-12-020650 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml index 9157c17f2ae..a85f4c6974e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml @@ -43,7 +43,6 @@ references: cis@ubuntu2204: 4.1.3.6 disa: CCI-000172 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil_clause: '{{{ ocil_clause_audit() }}}' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml index 90b3941f0cf..1a56d8732f9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml @@ -56,7 +56,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030650 stigid@ol8: OL08-00-030370 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml index 0a926a6e88f..165b0dafa5e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml @@ -45,7 +45,6 @@ references: cis@ubuntu2204: 4.1.3.6 disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030300 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml index 2576c601aba..0b5148bf0d7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml @@ -44,7 +44,6 @@ references: disa: CCI-000172 nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil_clause: '{{{ ocil_clause_audit() }}}' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml index 03ef1399468..824fbf2efe9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml @@ -56,7 +56,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030710 stigid@ol8: OL08-00-030350 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml index eade8c77369..ec8f42f0724 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml @@ -44,7 +44,6 @@ references: disa: CCI-000172 nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil_clause: '{{{ ocil_clause_audit() }}}' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml index e56a8620488..fdd446d5815 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml @@ -54,7 +54,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030630 stigid@ol8: OL08-00-030290 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml index 1ab729e15aa..105548d1608 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -63,7 +63,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030780 stigid@ol8: OL08-00-030320 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml index 91a5e936eea..2eca54f1d0e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml @@ -55,7 +55,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030680 stigid@ol8: OL08-00-030190 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml index 46a075f9719..2903cedcbe4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -55,7 +55,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030690 stigid@ol8: OL08-00-030550 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml index e2157d3172f..98eca632f96 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml @@ -55,7 +55,6 @@ references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv) - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235,SRG-OS-000755-GPOS-00220 stigid@sle15: SLES-15-030330 stigid@ubuntu2004: UBTU-20-010162 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix2_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix2_chkpwd/rule.yml index a5c5e43ad00..c3cf8b7948b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix2_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix2_chkpwd/rule.yml @@ -48,7 +48,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AC-2(4),AU-2(d),AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(ii),AU-12.1(iv),AC-6(9),CM-6(a),MA-4(1)(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000042-GPOS-00020,SRG-OS-000392-GPOS-00172,SRG-OS-000471-GPOS-00215,SRG-OS-000037-GPOS-00015 stigid@sle15: SLES-15-030110 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml index 4bf53b3d95b..fd95c3679ee 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml @@ -56,7 +56,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3,CIP-007-3 R6.5 nist: AC-2(4),AU-2(d),AU-3,AU-3.1,AU-12(a),AU-12(c),AU-12.1(ii),AU-12.1(iv),AC-6(9),CM-6(a),MA-4(1)(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml index f2769826429..bd7a833c6b0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml @@ -51,7 +51,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.14.2.7,A.15.2.1,A.15.2.2 nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030670 stigid@ol8: OL08-00-030315 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml index a0ec6851ae4..612eb66ef1b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml @@ -42,7 +42,6 @@ references: disa: CCI-000172 nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil_clause: '{{{ ocil_clause_audit() }}}' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml index c3269f63fff..5267cb0886e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml @@ -34,7 +34,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml index 183cd572261..11a9476fa08 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open_by_handle_at") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml index 8de329da65f..6a70383f0c5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="openat") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml index 6b09e57ffc0..e6fc14e4352 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml @@ -34,7 +34,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml index a5907cfe408..2aa9125d905 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open_by_handle_at") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml index 596cfe8be07..99561f5b15c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="openat") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml index 01a83a85fda..e2f5658595a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml @@ -34,7 +34,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml index a920b047a22..f2b100515de 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open_by_handle_at") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml index 4fa5a7cfdfd..400070b4532 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="openat") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml index fbcbeddcc56..01a93d0db81 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml @@ -34,7 +34,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml index 9f7eb3ff555..7e8a14e182f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="open_by_handle_at") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml index c2f5a496e5d..3d4adfdf97b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml @@ -31,7 +31,6 @@ identifiers: references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c {{{ complete_ocil_entry_audit_syscall(syscall="openat") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml index 6eae7f22b4b..0049d293064 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml @@ -42,7 +42,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 ocil_clause: 'the system is not configured to audit attempts to change the MAC policy' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/rule.yml index 02e5a973622..de38f3e7682 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/rule.yml @@ -38,7 +38,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.5 ocil_clause: 'the system is not configured to audit attempts to change the MAC policy' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml index 71fdbfb191b..b8dad7b568c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml @@ -50,7 +50,6 @@ references: iso27001-2013: A.11.2.6,A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.7,A.15.2.1,A.15.2.2,A.16.1.4,A.16.1.5,A.16.1.7,A.6.2.1,A.6.2.2 nist: AU-2(d),AU-12(c),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-3,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.3 srg: SRG-APP-000505-CTR-001285 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml index 3fbd9c88386..9d693f53480 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml @@ -48,7 +48,6 @@ references: nist: AC-2(7)(b),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv),MA-4(1)(a) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.2,Req-10.2.5.b srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000026-CTR-000070,SRG-APP-000027-CTR-000075,SRG-APP-000028-CTR-000080,SRG-APP-000291-CTR-000675,SRG-APP-000292-CTR-000680,SRG-APP-000293-CTR-000685,SRG-APP-000294-CTR-000690,SRG-APP-000319-CTR-000745,SRG-APP-000320-CTR-000750,SRG-APP-000509-CTR-001305 stigid@ol7: OL07-00-030700 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml index 7f42285a116..a8f8c2f1d9a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -52,7 +52,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.5 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030871 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml index 0a6c4310a4f..c816876fb96 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -51,7 +51,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.5 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030872 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml index 3d804044e64..85b9413cba6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -53,7 +53,6 @@ references: nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 nist@sle15: AC-2(4).1(i&ii),AU-12.1(iv) - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.5 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030874 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml index 88018f8800c..09f6050681d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -52,7 +52,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.5 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030870 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml index 7b9cdc9a33e..a4034c10525 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -52,7 +52,6 @@ references: nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.1.3,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3 nist: AC-2(4),AU-2(d),AU-12(c),AC-6(9),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,DE.CM-1,DE.CM-3,DE.CM-7,ID.SC-4,PR.AC-1,PR.AC-3,PR.AC-4,PR.AC-6,PR.PT-1,PR.PT-4,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.2.5 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030873 diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml index 2f5deabdd28..9299ad75bf0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml @@ -30,7 +30,6 @@ identifiers: references: nist: AU-2(d),AU-12(c),AC-6(9),CM-6(a) - ospp: FAU_GEN.1.1.c ocil_clause: "no line is returned" diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml index 586b065eb61..caab8a20df8 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml @@ -33,7 +33,6 @@ identifiers: references: disa: CCI-001851 nist@sle12: AU-4(1) - ospp: FAU_GEN.1.1.c srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 stigid@ol7: OL07-00-030300 stigid@sle12: SLES-12-020090 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml index a4aa76c525c..8d08fd6c5f8 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml @@ -33,7 +33,6 @@ identifiers: references: disa: CCI-001851 nist: AU-9(3),CM-6(a) - ospp: FAU_GEN.1.1.c srg: SRG-OS-000342-GPOS-00133,SRG-OS-000479-GPOS-00224 stigid@ol7: OL07-00-030310 stigid@sle12: SLES-12-020080 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml index 550198d094b..2fbc8300afc 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml @@ -36,7 +36,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.16.1.4,A.16.1.5,A.16.1.7 nist: AU-4(1),CM-6(a) nist-csf: DE.AE-3,DE.AE-5,PR.PT-1,RS.AN-1,RS.AN-4 - ospp: FAU_GEN.1.1.c pcidss: Req-10.5.3 srg: SRG-OS-000479-GPOS-00224,SRG-OS-000342-GPOS-00133 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml index 8bc73ade9fa..b8cd57aa664 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml @@ -22,7 +22,6 @@ identifiers: references: disa: CCI-000366 nist: CM-6 - ospp: FAU_GEN.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030061 stigid@rhel8: RHEL-08-030061 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml index 68e3e60c2cb..602a622b042 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/rule.yml @@ -21,7 +21,6 @@ identifiers: references: nist: CM-6 - ospp: FAU_STG.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: write_logs isn't set to yes diff --git a/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml index 96bc1a477c1..f3c77b1eeff 100644 --- a/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml +++ b/linux_os/guide/auditing/package_audispd-plugins_installed/rule.yml @@ -19,7 +19,6 @@ identifiers: cce@rhel10: CCE-88547-5 references: - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000342-GPOS-00133 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/auditing/package_audit-libs_installed/rule.yml b/linux_os/guide/auditing/package_audit-libs_installed/rule.yml index 3101bb36f55..0e80e5eac4f 100644 --- a/linux_os/guide/auditing/package_audit-libs_installed/rule.yml +++ b/linux_os/guide/auditing/package_audit-libs_installed/rule.yml @@ -28,7 +28,6 @@ references: nerc-cip: CIP-004-6 R3.3,CIP-007-3 R6.5 nist: AC-7(a),AU-7(1),AU-7(2),AU-14,AU-12(2),AU-2(a),CM-6(a) nist@sle12: AU-7(a),AU-7(b),AU-8(b),AU-12.1(iv),AU-12(3),AU-12(c),CM-5(1) - ospp: FAU_GEN.1 pcidss: Req-10.2.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220 diff --git a/linux_os/guide/auditing/policy_rules/audit_rules_for_ospp/rule.yml b/linux_os/guide/auditing/policy_rules/audit_rules_for_ospp/rule.yml index 379c3d164b2..441cb466355 100644 --- a/linux_os/guide/auditing/policy_rules/audit_rules_for_ospp/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_rules_for_ospp/rule.yml @@ -42,7 +42,6 @@ identifiers: references: nist: NONE - ospp: FAU_GEN.1.1.c srg: SRG-OS-000004-GPOS-00004,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000476-GPOS-00221,SRG-OS-000327-GPOS-00127,SRG-OS-000064-GPOS-00033,SRG-OS-000365-GPOS-00152,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000472-GPOS-00217,SRG-OS-000474-GPOS-00219,SRG-OS-000475-GPOS-00220,SRG-OS-000477-GPOS-00222 ocil_clause: 'the files are not there or differ' diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml index 34d5d97591a..181c6b3b0d1 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml @@ -24,7 +24,6 @@ identifiers: references: disa: CCI-000803 ism: 0418,1055,1402 - ospp: FTP_ITC_EXT.1 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010161 stigid@rhel8: RHEL-08-010161 diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml index 7d5329a1246..d9aaa877a64 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml @@ -25,7 +25,6 @@ identifiers: references: disa: CCI-000381 nist: CM-7(1) - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030742 stigid@rhel8: RHEL-08-030742 diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml index d136ba9b13b..f8dc58c3299 100644 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml +++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml @@ -21,7 +21,6 @@ identifiers: references: disa: CCI-000366 - ospp: FCS_RBG_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010473 stigid@rhel8: RHEL-08-010471 diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml index 84618a42191..1ab65610b69 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_csh/rule.yml @@ -24,7 +24,6 @@ identifiers: cce@rhel10: CCE-87940-3 references: - ospp: FCS_CKM.1.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'SSH client is not configured to use 32 bytes of entropy or more' diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml index 6ae9969989c..2f0bcb5913e 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml +++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_use_strong_rng_sh/rule.yml @@ -24,7 +24,6 @@ identifiers: cce@rhel10: CCE-86267-2 references: - ospp: FCS_CKM.1.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'SSH client is not configured to use 32 bytes of entropy or more' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml index b5e6ad620b9..6c8ffe671c0 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml @@ -43,7 +43,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: AC-17(a),CM-7(a),CM-7(b),CM-6(a) nist-csf: PR.AC-4,PR.AC-6,PR.IP-1,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040350 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml index 15475c0db0a..a42f5104cc1 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml @@ -33,7 +33,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4 nist: AC-17(a),CM-7(a),CM-7(b),CM-6(a) nist-csf: PR.IP-1 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040330 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml index 78a8f5724ff..362fe2673bf 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml @@ -36,7 +36,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4 nist: AC-17(a),CM-7(a),CM-7(b),CM-6(a) nist-csf: PR.IP-1 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040380 stigid@ol8: OL08-00-010520 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner_net/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner_net/rule.yml index 47453a362f3..9299ede2516 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner_net/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner_net/rule.yml @@ -40,7 +40,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: AC-8(a),AC-8(c),AC-17(a),CM-6(a) nist-csf: PR.AC-7 - ospp: FTA_TAB.1 srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088 stigid@ubuntu2004: UBTU-20-010038 stigid@ubuntu2204: UBTU-22-255020 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml index eb448d4c8da..20d36dd38c2 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml @@ -27,7 +27,6 @@ identifiers: references: disa: CCI-000366 - ospp: FCS_RBG_EXT.1.2 srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010292 stigid@rhel8: RHEL-08-010292 diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml index 04b63ae0d06..c32c838daa2 100644 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/rule.yml @@ -18,7 +18,6 @@ identifiers: cce@rhel10: CCE-88773-7 references: - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'it does not exist or is not configured properly' diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml index 2ccf7d691e2..6edd7c67544 100644 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml @@ -26,7 +26,6 @@ identifiers: cce@rhel10: CCE-88872-7 references: - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000114-GPOS-00059 ocil_clause: 'USB devices of class 3 are not authorized' diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml index 40598ed0493..fc8b6dea4c8 100644 --- a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml @@ -24,7 +24,6 @@ identifiers: cce@rhel10: CCE-89404-8 references: - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000114-GPOS-00059 ocil_clause: 'USB devices of class 9 are not authorized' diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml index 60cd9f63088..bf364d1b7ff 100644 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml @@ -23,7 +23,6 @@ identifiers: references: disa: CCI-000416,CCI-001958 nist: CM-8(3)(a),IA-3 - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000378-GPOS-00163 stigid@ol8: OL08-00-040140 stigid@rhel8: RHEL-08-040140 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml index e9ed3cabd05..415c57f2eb5 100644 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml @@ -116,7 +116,6 @@ references: nist: AC-8(a),AC-8(c) nist-csf: PR.AC-7 nist@sle12: AC-8(a),AC-8.1(ii) - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088 stigid@ol7: OL07-00-010050 stigid@ol8: OL08-00-010060 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml index 4f7473139ba..d4b1a9cb155 100644 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml @@ -50,7 +50,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: AC-8(a),AC-8(b),AC-8(c) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088 stigid@ol7: OL07-00-010030 stigid@ol8: OL08-00-010049 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml index 1fe60ed140f..6be15fae652 100644 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml @@ -54,7 +54,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: AC-8(a),AC-8(c) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088 stigid@ol7: OL07-00-010040 stigid@ol8: OL08-00-010050 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml index ca67b9679f8..109387fc6e7 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml @@ -36,7 +36,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a),AC-7(b),IA-5(c) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 stigid@ol7: OL07-00-010330 stigid@ol8: OL08-00-020022,OL08-00-020023 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_deny_root/rule.yml index 54c6e456e9d..655393b4275 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_deny_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_deny_root/rule.yml @@ -31,7 +31,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a),AC-7(b),IA-5(c) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 ocil_clause: 'limiting the number of failed logon attempts for the root user is not configured' diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_unlock_time/rule.yml index 18da50a7d7b..e86a38f43a8 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_unlock_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_tally2_unlock_time/rule.yml @@ -31,7 +31,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a),AC-7(b),IA-5(c) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.7 srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml index f6d54fe05ab..35d399dba94 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml @@ -44,7 +44,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.18.1.4,A.7.1.1,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a),AC-7(a),IA-5(4) nist-csf: PR.AC-1,PR.AC-6,PR.AC-7,PR.IP-1 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000069-GPOS-00037,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010119 stigid@ol8: OL08-00-020102,OL08-00-020103,OL08-00-020104 diff --git a/linux_os/guide/system/accounts/accounts-physical/coreos_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/coreos_disable_interactive_boot/rule.yml index d2dabe5f2c9..e14a70c8b97 100644 --- a/linux_os/guide/system/accounts/accounts-physical/coreos_disable_interactive_boot/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/coreos_disable_interactive_boot/rule.yml @@ -31,7 +31,6 @@ references: iso27001-2013: A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: SC-2(1),CM-6(a) nist-csf: PR.AC-4,PR.AC-6,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'Interactive boot is enabled at boot time' diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml index eb1a2ef3424..eec9264cddb 100644 --- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml @@ -45,7 +45,6 @@ references: iso27001-2013: A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: SC-2(1),CM-6(a) nist-csf: PR.AC-4,PR.AC-6,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'Interactive boot is enabled at boot time' diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml index 102fa944fb4..6bdb658ea27 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml @@ -39,7 +39,6 @@ references: iso27001-2013: A.18.1.4,A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 nist: IA-2,AC-3,CM-6(a) nist-csf: PR.AC-1,PR.AC-4,PR.AC-6,PR.AC-7,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010481 stigid@ol8: OL08-00-010152 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml index a4f23500b6b..66da32f905b 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -60,7 +60,6 @@ references: nist: AC-12,SC-10,AC-2(5),CM-6(a) nist-csf: PR.AC-7 nist@sle12: AC-11(a) - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000163-GPOS-00072,SRG-OS-000029-GPOS-00010 stigid@ol7: OL07-00-040160 stigid@sle12: SLES-12-010090 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml index 1a867b4e650..1abeb706b4f 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml @@ -28,7 +28,6 @@ identifiers: cce@rhel10: CCE-89051-7 references: - ospp: FCS_RBG_EXT.1.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'the kernel is not configured to trust the CPU RNG' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml index a78a799a6db..c476ddec3f4 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml @@ -43,7 +43,6 @@ references: iso27001-2013: A.18.1.4,A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 nist: CM-6(a) nist-csf: PR.AC-1,PR.AC-4,PR.AC-6,PR.AC-7,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010483 stigid@ol8: OL08-00-010149 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml index 66884aa649e..c58c5f22635 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml @@ -61,7 +61,6 @@ references: iso27001-2013: A.18.1.4,A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5 nist: CM-6(a) nist-csf: PR.AC-1,PR.AC-4,PR.AC-6,PR.AC-7,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010482 stigid@ol8: OL08-00-010150 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml index ed93df342a5..bd64b621f10 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml @@ -44,7 +44,6 @@ references: iso27001-2013: A.6.1.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5 nist: CM-6(a) nist-csf: PR.AC-4,PR.AC-6,PR.PT-3 - ospp: FIA_UAU.1 srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010492 stigid@ol8: OL08-00-010141 diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml index 30dfad23162..3be9ad9b1a5 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml @@ -35,7 +35,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1,A.15.2.1,A.15.2.2 nist: CM-6(a) nist-csf: ID.SC-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021100 stigid@ol8: OL08-00-030010 diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml index 2a7c9362e75..6b12190a091 100644 --- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml @@ -26,7 +26,6 @@ identifiers: references: disa: CCI-000366 - ospp: FTP_ITC_EXT.1.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-030680 stigid@rhel8: RHEL-08-030680 diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml index c22c37e06dd..ff21210ec74 100644 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml @@ -31,7 +31,6 @@ references: iso27001-2013: A.12.4.1,A.12.4.2,A.12.4.3,A.12.4.4,A.12.7.1 nist: CM-6(a) nist-csf: PR.PT-1 - ospp: FTP_ITC_EXT.1.1 srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030670 stigid@rhel8: RHEL-08-030670 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml index 76e17dc1650..6814d7eda32 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml @@ -58,7 +58,6 @@ references: nerc-cip: CIP-003-8 R5.2,CIP-004-6 R3.3 nist: CM-6(a),AU-4(1),AU-9(2) nist-csf: PR.DS-4,PR.PT-1 - ospp: FAU_GEN.1.1.c srg: SRG-OS-000479-GPOS-00224,SRG-OS-000480-GPOS-00227,SRG-OS-000342-GPOS-00133 stigid@ol7: OL07-00-031000 stigid@ol8: OL08-00-030690 diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml index af36cc94623..1c2aa9a6d4b 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml @@ -29,7 +29,6 @@ identifiers: references: ism: 0988,1405 nist: AU-9(3),CM-6(a) - ospp: FCS_TLSC_EXT.1,FTP_ITC_EXT.1.1,FIA_X509_EXT.1.1,FMT_SMF_EXT.1.1 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061 ocil_clause: 'omfwd is not configured with gtls and AuthMode' diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml index ee844469c06..2c8cfd91daf 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml @@ -27,7 +27,6 @@ identifiers: references: ism: 0988,1405 - ospp: FCS_TLSC_EXT.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'CA certificate for rsyslog remote logging via TLS is not set' diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml index e0776d2606b..0ea52afd994 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml @@ -40,7 +40,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2 nist: CA-3(5),CM-7(b),SC-7(23),CM-6(a) nist-csf: PR.IP-1,PR.PT-3 - ospp: FMT_MOF_EXT.1 pcidss: Req-1.4 srg: SRG-OS-000480-GPOS-00227 stigid@rhel8: RHEL-08-040090 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml index 21987566c48..fac1e289006 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml @@ -24,7 +24,6 @@ identifiers: references: disa: CCI-000381,CCI-000366 nist: AC-18 - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040021 stigid@rhel8: RHEL-08-040021 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml index a81e78e0738..c4b6bb2e830 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml @@ -23,7 +23,6 @@ identifiers: references: disa: CCI-000381 nist: AC-18 - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040026 stigid@rhel8: RHEL-08-040026 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml index 7498a48e563..ad9f27dd7c5 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml @@ -35,7 +35,6 @@ references: cis@sle15: 1.6.1 disa: CCI-000366 nist: CM-6 - ospp: FMT_SMF_EXT.1 pcidss: Req-3.2 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010675 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml index d6702978639..e102da2b379 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml @@ -35,7 +35,6 @@ references: cis@sle15: 1.6.1 disa: CCI-000366 nist: CM-6 - ospp: FMT_SMF_EXT.1 pcidss: Req-3.2 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010674 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml index 63c3b095716..a5f4424b8b3 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml @@ -26,7 +26,6 @@ identifiers: references: disa: CCI-000366 nist: SC-7(10) - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010671 stigid@rhel8: RHEL-08-010671 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml index ff8eab1d034..2bbf76911ab 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml @@ -20,7 +20,6 @@ identifiers: references: disa: CCI-000366 nist: AC-6,SC-7(10) - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040281 stigid@rhel8: RHEL-08-040281 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml index cecbfd6ecea..3d68afd38bf 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml @@ -21,7 +21,6 @@ identifiers: references: disa: CCI-000366 nist: CM-6,SC-7(10) - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040286 stigid@rhel8: RHEL-08-040286 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml index 8dc5b6f60a0..f8935f17a71 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml @@ -33,7 +33,6 @@ identifiers: references: cui: 3.1.8 - ospp: FMT_MOF_EXT.1 ocil_clause: 'allowed-failures is not equal to or less than the expected value' diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml index 80813b31376..163bc219667 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml @@ -33,7 +33,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4 nist: CM-6(a),AC-6(1),CM-7(b) nist-csf: PR.IP-1 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00229 stigid@ol7: OL07-00-010440 stigid@ol8: OL08-00-010820 diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml index 8b1af9bc600..c2ebfa8cfba 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml @@ -32,7 +32,6 @@ references: iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4 nist: CM-7(a),CM-7(b),CM-6(a),IA-2 nist-csf: PR.IP-1 - ospp: FIA_UAU.1 srg: SRG-OS-000480-GPOS-00229 stigid@ol7: OL07-00-010450 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml index 690213ea208..bd9bb4f0512 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml @@ -48,7 +48,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a),AC-11(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000029-GPOS-00010 stigid@ol7: OL07-00-010100 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml index e9ea6246082..0ba56879af7 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml @@ -33,7 +33,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000029-GPOS-00010 stigid@ol7: OL07-00-010101 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml index 6f79beed4c0..1daf160b979 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml @@ -42,7 +42,6 @@ references: nist-csf: PR.AC-7 nist@sle12: AC-11(a),AC-11.1 (ii) nist@sle15: AC-11(a),AC-11.1 (ii) - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010070 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml index 461f0db05ea..e4e57bb7bae 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml @@ -34,7 +34,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: AC-11(a),CM-6(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010110 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml index ee076ed233b..bca98d2b98a 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml @@ -50,7 +50,6 @@ references: nist: CM-6(a) nist-csf: PR.AC-7 nist@sle12: AC-11(b),AC-11(a),AC-11(1),AC-11(1).1,AC-11.1(iii),AC-11 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol7: OL07-00-010060 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml index 0da50470cef..2a5e4079a25 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml @@ -33,7 +33,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol7: OL07-00-010062 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml index 37bf9ba3ce6..c8faf10d26d 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml @@ -63,7 +63,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: AC-11(1),CM-6(a),AC-11(1).1 nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000031-GPOS-00012 stigid@sle12: SLES-12-010100 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml index 2c8ecf42088..cc91add35d0 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml @@ -1,3 +1,4 @@ + documentation_complete: true @@ -29,9 +30,6 @@ identifiers: cce@rhel9: CCE-87468-5 cce@rhel10: CCE-90656-0 -references: - ospp: FMT_MOF_EXT.1 - ocil_clause: 'it is not set or configured properly' ocil: |- diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml index cc365cdfde0..ad3a630c68c 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml @@ -35,7 +35,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010081 stigid@ol8: OL08-00-020080 diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml index 4ace70937df..d0b55e52f75 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml @@ -37,7 +37,6 @@ references: iso27001-2013: A.18.1.4,A.9.2.1,A.9.2.4,A.9.3.1,A.9.4.2,A.9.4.3 nist: CM-6(a) nist-csf: PR.AC-7 - ospp: FMT_MOF_EXT.1 pcidss: Req-8.1.8 srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010082 diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml index fc6e7040208..5d2546b3a5c 100644 --- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml @@ -34,7 +34,6 @@ identifiers: references: cui: 3.1.5 - ospp: FMT_MOD_EXT.1 ocil_clause: 'user administration is not configured or disabled' diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml index f4827290aea..ad4166c4f0b 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml @@ -32,7 +32,6 @@ identifiers: references: nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: CM-6(a),MA-4(6),SC-13,SC-12(2),SC-12(3) - ospp: FCS_IPSEC_EXT.1.4,FCS_IPSEC_EXT.1.6 pcidss: Req-2.2 srg: SRG-OS-000033-GPOS-00014 stigid@ol8: OL08-00-010020 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml index e683a90ee7b..9be43061037 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_openssl_crypto_policy/rule.yml @@ -32,7 +32,6 @@ identifiers: references: nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1 nist: SC-8(1),SC-13 - ospp: FCS_TLSC_EXT.1.1 srg: SRG-OS-000396-GPOS-00176,SRG-OS-000424-GPOS-00188,SRG-OS-000478-GPOS-00223 ocil_clause: 'Crypto Policy for OpenSSL is not configured according to CC requirements' diff --git a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/rule.yml index 349a49a6744..4d50c3ceca6 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_ssh_client_crypto_policy/rule.yml @@ -22,7 +22,6 @@ identifiers: references: nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1 nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13 - ospp: FCS_SSHC_EXT.1 srg: SRG-OS-000033-GPOS-00014,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 ocil_clause: 'Crypto Policy for OpenSSH Client is not configured according to CC requirements' diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml index eb49e65905b..26f7dc403a3 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_crypto_policy/rule.yml @@ -22,7 +22,6 @@ identifiers: references: nerc-cip: CIP-003-8 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1 nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13,SC-12(2),SC-12(3) - ospp: FCS_SSHS_EXT.1 srg: SRG-OS-000250-GPOS-00093,SRG-OS-000033-GPOS-00014,SRG-OS-000120-GPOS-00061 ocil_clause: 'Crypto Policy for OpenSSH Server is not configured according to CC requirements' diff --git a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml index 402ff55f580..b7b7f9aad3d 100644 --- a/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/openssl_use_strong_entropy/rule.yml @@ -25,7 +25,6 @@ identifiers: references: ism: 1277,1552 - ospp: FCS_RBG_EXT.1.2 srg: SRG-OS-000480-GPOS-00227 ocil: |- diff --git a/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml index 4a08ea97b8b..a2d1fb4c4c8 100644 --- a/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_nss-tools_installed/rule.yml @@ -20,7 +20,6 @@ identifiers: cce@rhel10: CCE-87829-8 references: - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000480-GPOS-00227 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml index f94c3cf64bd..d872f627e01 100644 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml +++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml @@ -24,7 +24,6 @@ identifiers: references: nist: SI-2(5),CM-6(a),SI-2(c) - ospp: FMT_SMF_EXT.1 srg: SRG-OS-000191-GPOS-00080 ocil_clause: 'the upgrade_type is not set to security' diff --git a/linux_os/guide/system/software/updating/ensure_suse_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_suse_gpgkey_installed/rule.yml index 0bc49956c52..36d74482d74 100644 --- a/linux_os/guide/system/software/updating/ensure_suse_gpgkey_installed/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_suse_gpgkey_installed/rule.yml @@ -51,7 +51,6 @@ references: nerc-cip: CIP-003-8 R4.2,CIP-003-8 R6,CIP-007-3 R4,CIP-007-3 R4.1,CIP-007-3 R4.2,CIP-007-3 R5.1 nist: CM-5(3),SI-7,SC-12,SC-12(3),CM-6(a) nist-csf: PR.DS-6,PR.DS-8,PR.IP-1 - ospp: FPT_TUD_EXT.1,FPT_TUD_EXT.2 pcidss: Req-6.2 srg: SRG-OS-000366-GPOS-00153 From 6827063f688652daa7f28008e3bc7fcd7179c749 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Fri, 6 Sep 2024 17:10:50 +0200 Subject: [PATCH 3/5] Add missing OSPP RHEL10 rules. --- controls/ospp.yml | 114 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 100 insertions(+), 14 deletions(-) diff --git a/controls/ospp.yml b/controls/ospp.yml index 42327f4dc0e..20b29ea9fcf 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -27,11 +27,13 @@ controls: levels: - base rules: + - auditd_data_retention_flush - auditd_freq - grub2_audit_argument - package_audit_installed - audit_basic_configuration - service_auditd_enabled + - var_auditd_flush=incremental_async - sshd_disable_root_login - zipl_audit_argument status: automated @@ -101,13 +103,6 @@ controls: - grub2_audit_backlog_limit_argument - zipl_audit_backlog_limit_argument status: automated - - id: FAU_STG.3 - levels: - - base - rules: - - grub2_audit_backlog_limit_argument - - zipl_audit_backlog_limit_argument - status: automated - id: FCS_CKM.1 title: 'Cryptographic Key Generation' levels: @@ -116,12 +111,20 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_CKM.1.1 title: 'Cryptographic Key Generation - asymmetric cryptographic' levels: - base - status: pending + rules: + - configure_crypto_policy + - package_crypto-policies_installed + - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy + status: automated - id: FCS_CKM.2 title: 'Cryptographic Key Establishment' levels: @@ -130,6 +133,8 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_COP.1/ENCRYPT title: 'Cryptographic Operation - Encryption/Decryption' @@ -139,6 +144,8 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_COP.1/HASH title: 'Cryptographic Operation - Hashing' @@ -148,6 +155,8 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_COP.1/SIGN @@ -158,6 +167,8 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_COP.1/KEYHMAC title: 'Keyed-Hash Message Authentication' @@ -167,6 +178,8 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - var_system_crypto_policy=fips_ospp + - configure_openssl_crypto_policy status: automated - id: FCS_RBG_EXT.1 @@ -176,18 +189,27 @@ controls: rules: - enable_dracut_fips_module - enable_fips_mode + - var_system_crypto_policy=fips_ospp status: automated - id: FCS_RBG_EXT.1.1 title: 'Random Bit Generation - deterministic random bit generation' levels: - base - status: pending + rules: + - enable_dracut_fips_module + - enable_fips_mode + - var_system_crypto_policy=fips_ospp + status: automated - id: FCS_RBG_EXT.1.2 title: 'Random Bit Generation - entropy source' levels: - base - status: pending + rules: + - enable_dracut_fips_module + - enable_fips_mode + - var_system_crypto_policy=fips_ospp + status: automated - id: FCS_SSHC_EXT.1 title: 'SSH Client Protocol' @@ -214,6 +236,7 @@ controls: - package_openssh-clients_installed - package_openssh-server_installed - configure_ssh_crypto_policy + - sshd_use_directory_configuration status: automated - id: FCS_SSH_EXT.1.2 @@ -231,7 +254,11 @@ controls: - base rules: - ssh_client_rekey_limit + - var_ssh_client_rekey_limit_size=1G + - var_ssh_client_rekey_limit_time=1hour - sshd_rekey_limit + - var_rekey_limit_size=1G + - var_rekey_limit_time=1hour status: automated - id: FCS_TLSC_EXT.1 @@ -242,22 +269,32 @@ controls: - configure_crypto_policy - package_crypto-policies_installed - enable_fips_mode + - configure_openssl_crypto_policy status: automated - id: FCS_TLSC_EXT.1.1 title: 'Allowed Cipher Suites' levels: - base - status: pending + rules: + - configure_crypto_policy + - package_crypto-policies_installed + - enable_fips_mode + - configure_openssl_crypto_policy + status: automated - id: FIA_AFL.1 title: 'Authentication failure handling' levels: - base rules: - accounts_passwords_pam_faillock_deny + - var_accounts_passwords_pam_faillock_deny=3 - accounts_passwords_pam_faillock_interval + - var_accounts_passwords_pam_faillock_fail_interval=900 - accounts_passwords_pam_faillock_unlock_time + - var_accounts_passwords_pam_faillock_unlock_time=never - enable_authselect + - var_authselect_profile=minimal status: automated - id: FIA_UAU.1 @@ -271,6 +308,7 @@ controls: - service_debug-shell_disabled - no_empty_passwords - enable_authselect + - var_authselect_profile=minimal - grub2_disable_recovery - grub2_systemd_debug-shell_argument_absent - grub2_uefi_password @@ -300,7 +338,7 @@ controls: - base rules: - package_gnutls-utils_installed - status: pending + status: automated - id: FIA_X509_EXT.2 title: 'X.509 Certificate Validation - basicConstraints' @@ -318,17 +356,23 @@ controls: - package_sudo_installed - logind_session_timeout - var_logind_session_timeout=30_minutes + - selinux_policytype # SELinux doesn't have a SFR associated, this one seems the least controversial + - selinux_state + - var_selinux_state=enforcing + - var_selinux_policy_name=targeted status: automated - id: FMT_SMF_EXT.1 - title: 'Management of security functions behavior' + title: 'Specification of Management Functions' levels: - base rules: + - package_fapolicyd_installed - service_fapolicyd_enabled - chronyd_client_only - package_chrony_installed - configure_usbguard_auditbackend + - package_fapolicyd_installed - service_usbguard_enabled - usbguard_allow_hid_and_hub - accounts_password_pam_dcredit @@ -336,17 +380,32 @@ controls: - accounts_password_pam_minlen - accounts_password_pam_ocredit - accounts_password_pam_ucredit + - var_password_pam_minlen=12 + - var_password_pam_ocredit=1 + - var_password_pam_dcredit=1 + - var_password_pam_ucredit=1 + - var_password_pam_lcredit=1 - package_firewalld_installed - service_firewalld_enabled - kernel_module_can_disabled - kernel_module_tipc_disabled + - kernel_module_bluetooth_disabled + - kernel_module_sctp_disabled - service_systemd-coredump_disabled - sysctl_kernel_core_pattern_empty_string - sysctl_kernel_core_uses_pid - sysctl_kernel_perf_event_paranoid - sysctl_kernel_unprivileged_bpf_disabled_accept_default + - sysctl_kernel_unprivileged_bpf_disabled_value=2 + - sysctl_kernel_dmesg_restrict + - sysctl_kernel_kptr_restrict + - sysctl_kernel_kexec_load_disabled + - sysctl_kernel_yama_ptrace_scope - sysctl_user_max_user_namespaces - partition_for_var_log_audit + - mount_option_var_log_audit_nodev + - mount_option_var_log_audit_nosuid + - mount_option_var_log_audit_noexec - dnf-automatic_apply_updates - timer_dnf-automatic_enabled - logind_session_timeout @@ -378,6 +437,7 @@ controls: - base rules: - package_dnf-plugin-subscription-manager_installed + - package_dnf-automatic_installed - package_subscription-manager_installed - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages @@ -391,6 +451,7 @@ controls: - base rules: - package_dnf-plugin-subscription-manager_installed + - package_dnf-automatic_installed - package_subscription-manager_installed - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages @@ -398,6 +459,15 @@ controls: - ensure_redhat_gpgkey_installed status: automated + - id: FPT_TST_EXT.1 + title: Boot Integrity + levels: + - base + rules: + - zipl_bls_entries_only + - zipl_bootmap_is_up_to_date + status: automated + - id: FTA_SSL.1 title: 'TSF-initiated session locking' levels: @@ -430,4 +500,20 @@ controls: title: 'Trusted channel communication - TLS' levels: - base - status: pending + rules: + - package_openssh-clients_installed + - package_openssh-server_installed + - sshd_disable_gssapi_auth + - sshd_disable_kerb_auth + status: automated + + - id: AVA_VAN.1 + title: 'Vulnerability Assessment' + levels: + - base + rules: + - grub2_init_on_alloc_argument + - grub2_page_alloc_shuffle_argument + - zipl_init_on_alloc_argument + - zipl_page_alloc_shuffle_argument + status: automated From 864e0d2538f34ca4e0790ba5d170334e5dcece97 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Fri, 6 Sep 2024 18:12:30 +0200 Subject: [PATCH 4/5] Update OSPP reference for audit according to version 4.3. --- controls/ospp.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/controls/ospp.yml b/controls/ospp.yml index 20b29ea9fcf..6108c89c4ac 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -23,7 +23,7 @@ controls: - package_scap-security-guide_installed status: automated - id: FAU_GEN.1 - title: 'Audit Data Generation' + title: 'Audit Data Generation (Refined)' levels: - base rules: @@ -37,7 +37,7 @@ controls: - sshd_disable_root_login - zipl_audit_argument status: automated - - id: FAU_GEN.1.1.c + - id: FAU_GEN.1.1 title: 'Audit Data Generation - Event Types to be Audited' levels: - base From 71d3a8f8bf7395f386ac9879247da2652010157e Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Fri, 6 Sep 2024 18:26:11 +0200 Subject: [PATCH 5/5] Final adjustments to the OSPP control file based on RHEL9. --- controls/ospp.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/controls/ospp.yml b/controls/ospp.yml index 6108c89c4ac..e07521365c6 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml @@ -46,8 +46,14 @@ controls: - audit_access_failed_aarch64 - audit_access_failed_ppc64le - audit_access_success + - audit_access_success.role=unscored + - audit_access_success.severity=info - audit_access_success_aarch64 + - audit_access_success_aarch64.role=unscored + - audit_access_success_aarch64.severity=info - audit_access_success_ppc64le + - audit_access_success_ppc64le.role=unscored + - audit_access_success_ppc64le.severity=info - audit_create_failed - audit_create_failed_aarch64 - audit_create_failed_ppc64le @@ -373,6 +379,7 @@ controls: - package_chrony_installed - configure_usbguard_auditbackend - package_fapolicyd_installed + - package_usbguard_installed - service_usbguard_enabled - usbguard_allow_hid_and_hub - accounts_password_pam_dcredit