From 6863318dd0db1d42942f241f30ed94fbdf1cc653 Mon Sep 17 00:00:00 2001 From: "YuQing.Yang" Date: Tue, 19 Dec 2023 16:49:44 +0800 Subject: [PATCH] Add anolis23/anolis8 support for pci-dss compliance. Signed-off-by: YuQing.Yang Signed-off-by: YiLin.Li --- products/anolis23/profiles/pci-dss.profile | 37 ++++++++++++++++++++++ products/anolis8/profiles/pci-dss.profile | 34 ++++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 products/anolis23/profiles/pci-dss.profile create mode 100644 products/anolis8/profiles/pci-dss.profile diff --git a/products/anolis23/profiles/pci-dss.profile b/products/anolis23/profiles/pci-dss.profile new file mode 100644 index 00000000000..86b09c954ed --- /dev/null +++ b/products/anolis23/profiles/pci-dss.profile @@ -0,0 +1,37 @@ +documentation_complete: true + +metadata: + version: '4.0' + SMEs: + - hustliyilin + - rain-Qing + +reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf + +title: 'PCI-DSS v4.0 Control Baseline for Anolis OS 23' + +description: |- + Payment Card Industry - Data Security Standard (PCI-DSS) is a set of + security standards designed to ensure the secure handling of payment card + data, with the goal of preventing data breaches and protecting sensitive + financial information. + +selections: + - pcidss_4:all + - '!package_audit-audispd-plugins_installed' + - '!rpm_verify_permissions' + - '!package_audit-audispd-plugins_installed' + - '!service_ntp_enabled' + - '!ntpd_specify_remote_server' + - '!ntpd_specify_multiple_servers' + - '!set_ipv6_loopback_traffic' + - '!set_loopback_traffic' + - '!service_ntpd_enabled' + - '!package_ypserv_removed' + - '!package_ypbind_removed' + - '!package_talk_removed' + - '!package_talk-server_removed' + - '!package_xinetd_removed' + - '!package_rsh_removed' + - '!package_rsh-server_removed' + - '!ensure_redhat_gpgkey_installed' diff --git a/products/anolis8/profiles/pci-dss.profile b/products/anolis8/profiles/pci-dss.profile new file mode 100644 index 00000000000..6d8a1f458d7 --- /dev/null +++ b/products/anolis8/profiles/pci-dss.profile @@ -0,0 +1,34 @@ +documentation_complete: true + +metadata: + version: '4.0' + SMEs: + - hustliyilin + - rain-Qing + +reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf + +title: 'PCI-DSS v4.0 Control Baseline for Anolis OS 8' + +description: |- + Payment Card Industry - Data Security Standard (PCI-DSS) is a set of + security standards designed to ensure the secure handling of payment card + data, with the goal of preventing data breaches and protecting sensitive + financial information. + +selections: + - pcidss_4:all + - '!rpm_verify_permissions' + - '!package_audit-audispd-plugins_installed' + - '!service_ntp_enabled' + - '!ntpd_specify_remote_server' + - '!ntpd_specify_multiple_servers' + - '!set_ipv6_loopback_traffic' + - '!set_loopback_traffic' + - '!service_ntpd_enabled' + - '!timer_logrotate_enabled' + - '!package_talk_removed' + - '!package_talk-server_removed' + - '!package_rsh_removed' + - '!package_rsh-server_removed' + - '!ensure_redhat_gpgkey_installed'