Merge pull request #9995 from rumch-se/user_accounts_environment_corr…

…ections Small corrections related to 3 rules
ComplianceAsCode · Jan 9, 2023 · 2a362c0 · 2a362c0
2 parents 84f660f + 743e2cc
commit 2a362c0
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/...os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml b/...os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml
@@ -39,6 +39,7 @@ references:
     cis-csc: 1,12,15,16,5
     cis@alinux3: "5.7"
     cis@rhel7: "5.5"
+    cis@sle12: "5.5"
     cis@sle15: "5.5"
     cobit5: DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.10
     cui: 3.1.1,3.1.6

diff --git a/...tem/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml b/...tem/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml
@@ -27,6 +27,8 @@ identifiers:
 references:
     cis-csc: 12,13,14,15,16,18,3,5
     cis@alinux3: "5.7"
+    cis@sle12: "5.5"
+    cis@sle15: "5.5"
     cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
     cui: '3.1.1,3.1.5'
     disa: CCI-000770

diff --git a/..._os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/..._os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
@@ -1,14 +1,14 @@
 documentation_complete: true
 
-prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
 
 title: 'Enforce usage of pam_wheel for su authentication'
 
 description: |-
     To ensure that only users who are members of the <tt>wheel</tt> group can
     run commands with altered privileges through the <tt>su</tt> command, make
     sure that the following line exists in the file <tt>/etc/pam.d/su</tt>:
-    <pre>auth             required        pam_wheel.so use_uid</pre>
+    <pre>auth required pam_wheel.so use_uid</pre>
 
 rationale: |-
     The <tt>su</tt> program allows to run commands with a substitute user and
@@ -29,6 +29,8 @@ references:
     cis@alinux3: "5.8"
     cis@rhel7: "5.7"
     cis@rhel8: 5.3.7
+    cis@sle12: "5.6"
+    cis@sle15: "5.6"
     cis@ubuntu2004: "5.6"
     cis@ubuntu2204: "5.6"
     ospp: FMT_SMF_EXT.1.1
@@ -41,14 +43,14 @@ ocil: |-
     Run the following command to check if the line is present:
     <pre>grep pam_wheel /etc/pam.d/su</pre>
     The output should contain the following line:
-    <pre>auth             required        pam_wheel.so use_uid</pre>
+    <pre>auth required pam_wheel.so use_uid</pre>
 
 fixtext: |-
     Configure {{{ full_name }}} to require users to be in the "wheel" group to run "su" command.
 
     In file "/etc/pam.d/su", uncomment the following line:
 
-    "#auth    required    pam_wheel.so use_uid"
+    "#auth required pam_wheel.so use_uid"
 
     $ sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su