-
Notifications
You must be signed in to change notification settings - Fork 684
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New rules related to pam_pwquality #8185
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
STIG ID RHEL-08-020101
STIG ID RHEL-08-020100
marcusburghardt
added
DISA RHEL8 STIG Alignment
New Rule
Issues or pull requests related to new Rules.
Update Rule
Issues or pull requests related to Rules updates.
labels
Feb 9, 2022
This datastream diff is auto generated by the check Click here to see the full diffOCIL for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_retry' differs:
--- old datastream
+++ new datastream
@@ -1,6 +1,6 @@
To check how many retry attempts are permitted on a per-session basis, run the following command:
-$ grep pam_pwquality /etc/pam.d/system-auth /etc/pam.d/password-auth
+$ grep retry /etc/security/pwquality.conf
The retry parameter will indicate how many attempts are permitted.
The DoD required value is less than or equal to 3.
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_retry' differs:
--- old datastream
+++ new datastream
@@ -4,7 +4,7 @@
tags:
- CCE-80664-6
- CJIS-5.5.3
- - DISA-STIG-RHEL-08-020100
+ - DISA-STIG-RHEL-08-020104
- NIST-800-53-AC-7(a)
- NIST-800-53-CM-6(a)
- NIST-800-53-IA-5(4)
@@ -30,7 +30,7 @@
tags:
- CCE-80664-6
- CJIS-5.5.3
- - DISA-STIG-RHEL-08-020100
+ - DISA-STIG-RHEL-08-020104
- NIST-800-53-AC-7(a)
- NIST-800-53-CM-6(a)
- NIST-800-53-IA-5(4) |
marcusburghardt
force-pushed
the
pwquality
branch
from
February 9, 2022 17:29
c3570f5
to
713e28e
Compare
/retest |
Mab879
requested changes
Feb 10, 2022
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looks good, just one issue with the test stability file.
marcusburghardt
force-pushed
the
pwquality
branch
from
February 10, 2022 18:24
713e28e
to
23911b2
Compare
Mab879
approved these changes
Feb 10, 2022
Mab879
approved these changes
Feb 10, 2022
marcusburghardt
added
RHEL8
Red Hat Enterprise Linux 8 product related.
STIG
STIG Benchmark related.
labels
Jun 23, 2022
This pull request was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
New Rule
Issues or pull requests related to new Rules.
RHEL8
Red Hat Enterprise Linux 8 product related.
STIG
STIG Benchmark related.
Update Rule
Issues or pull requests related to Rules updates.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introduce two new rules for the following STIG IDs:
Also updates the rule related to the STIG ID RHEL-08-020104: