-
Notifications
You must be signed in to change notification settings - Fork 684
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unify the RHEL approach for rule file_permissions_var_log_audit #9129
Unify the RHEL approach for rule file_permissions_var_log_audit #9129
Conversation
@Mab879 @ggbecker Do you think fix text of this item is correct? There is an item more specific about the file's group: https://stigs.mab879.com/products/rhel8/v1r6/RHEL-08-030090/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this change makes sense.
Maybe we should use 'rhel' in product
or similar so that we will not have to repeat this work for future versions of RHEL.
...s/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
Outdated
Show resolved
Hide resolved
RHEL7 and RHEL9 should follow the same approach for RHEL8.
9dfdff0
to
63d00bc
Compare
Weird, the test scenarios pass on my machine:
|
I see that some tet scenarios are missing: packages = auditdCould this be the problem? |
Install audit when testing file_permissions_var_log_audit, this enables testing in containers in CI.
b305fea
to
27e7eab
Compare
@vojtapolasek Thanks, the CI seems happy now. |
Code Climate has analyzed commit 27e7eab and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 42.7% (0.0% change). View more on Code Climate. |
@yuumasato: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great now, thank you.
Description:
log_file
in /etc/audit/auditd.conf` and check that file's permissionsRationale: