Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update CIS RHEL requirements for log files permissions #10241

Merged
merged 1 commit into from
Feb 22, 2023
Merged

Update CIS RHEL requirements for log files permissions #10241

merged 1 commit into from
Feb 22, 2023

Conversation

marcusburghardt
Copy link
Member

Description:

CIS requirements to set on log files properties checks permissions in RHEL7 and RHEL8 while in RHEL9 also checks owner and group-owner.
Also, the rsyslog_files_permissions rule was also listed in 4.2.1.3 requirement for RHEL7 and 4.2.1.4 requirement for RHEL8. This is not correct and is fixed by this PR.

Rationale:

Better CIS coverage for RHEL products.

@marcusburghardt
Update CIS RHEL requirements for log files permissions
03125e9 
CIS requirements to set on log files properties checks permissions in
RHEL7 and RHEL8 while in RHEL9 also checks owner and group-owner.
The rsyslog_files_permissions rule was also listed in 4.2.1.3
requirement for RHEL7 and 4.2.1.4 requirement for RHEL8. This was not
correct and was fixed in this commit.
@marcusburghardt marcusburghardt added RHEL Red Hat Enterprise Linux product related. CIS CIS Benchmark related. labels Feb 21, 2023
@marcusburghardt marcusburghardt added this to the 0.1.67 milestone Feb 21, 2023
@marcusburghardt marcusburghardt requested a review from a team as a code owner February 21, 2023 13:23
@github-actions
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate
Copy link

codeclimate bot commented Feb 21, 2023

Code Climate has analyzed commit 03125e9 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 51.7% (0.0% change).

View more on Code Climate.

@marcusburghardt
Copy link
Member Author

/retest

@jan-cerny jan-cerny self-assigned this Feb 22, 2023
@jan-cerny jan-cerny merged commit 39ffd67 into ComplianceAsCode:master Feb 22, 2023
@marcusburghardt marcusburghardt deleted the rsyslog_cis_rhel branch February 22, 2023 12:35
@marcusburghardt marcusburghardt added the Update Profile Issues or pull requests related to Profiles updates. label Mar 3, 2023
@jan-cerny jan-cerny mentioned this pull request Mar 28, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels
CIS CIS Benchmark related. RHEL Red Hat Enterprise Linux product related. Update Profile Issues or pull requests related to Profiles updates.
Projects
None yet
Milestone
0.1.67
Development

Successfully merging this pull request may close these issues.
2 participants
@marcusburghardt @jan-cerny