Back to bug 2228459
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2023-08-02 12:18:58 UTC | Pool ID | sst_security_compliance_rhel_8 | |
| Red Hat One Jira (issues.redhat.com) | 2023-08-02 12:21:53 UTC | Link ID | Red Hat Issue Tracker RHELPLAN-164136 | |
| Milan Lysonek | 2023-08-02 13:59:34 UTC | Doc Type | If docs needed, set a value | Bug Fix |
| Doc Text | Fixed rules related to AIDE configuration Rule `aide_build_database` no longer requires the existence of the `/var/lib/aide/aide.db.new.gz` file which contains the freshly generated AIDE database. The reason is that this database isn't needed for AIDE to work, only the installed database at `/var/lib/aide/aide.db.gz` is needed by AIDE. Users can install the freshly generated database by moving the file from `/var/lib/aide/aide.db.new.gz` to `/var/lib/aide/aide.db.gz`. Previously, the rule required the existence of both `/var/lib/aide/aide.db.new.gz` and `/var/lib/aide/aide.db.gz` in order to pass. Now, it requires only the existence of `/var/lib/aide/aide.db.gz` in order to pass. Rule `aide_periodic_cron_checking` hass been changed to be less strict on entries in `/etc/cron.daily` and `/etc/cron.weekly`. That allows administrators to schedule the `aide --check` command with additional wrappers while staying compliant with the rule. |
|||
| Vojtech Polasek | 2023-08-04 07:19:47 UTC | Status | NEW | POST |
| AutoMiloš | 2023-08-04 15:37:23 UTC | Fixed In Version | scap-security-guide-0.1.69-1.el8_6 | |
| Keywords | AutoVerified | |||
| Matus Marhefka | 2023-08-08 12:05:50 UTC | Status | POST | MODIFIED |
| errata-xmlrpc | 2023-08-10 10:00:51 UTC | Status | MODIFIED | ON_QA |
| Milan Lysonek | 2023-08-14 13:30:47 UTC | Doc Text | Fixed rules related to AIDE configuration Rule `aide_build_database` no longer requires the existence of the `/var/lib/aide/aide.db.new.gz` file which contains the freshly generated AIDE database. The reason is that this database isn't needed for AIDE to work, only the installed database at `/var/lib/aide/aide.db.gz` is needed by AIDE. Users can install the freshly generated database by moving the file from `/var/lib/aide/aide.db.new.gz` to `/var/lib/aide/aide.db.gz`. Previously, the rule required the existence of both `/var/lib/aide/aide.db.new.gz` and `/var/lib/aide/aide.db.gz` in order to pass. Now, it requires only the existence of `/var/lib/aide/aide.db.gz` in order to pass. Rule `aide_periodic_cron_checking` hass been changed to be less strict on entries in `/etc/cron.daily` and `/etc/cron.weekly`. That allows administrators to schedule the `aide --check` command with additional wrappers while staying compliant with the rule. | Fixed rules related to AIDE configuration Rule `aide_build_database` no longer requires the existence of the `/var/lib/aide/aide.db.new.gz` file which contains the freshly generated AIDE database. The reason is that this database isn't needed for AIDE to work, only the installed database at `/var/lib/aide/aide.db.gz` is needed by AIDE. Users can install the freshly generated database by moving the file from `/var/lib/aide/aide.db.new.gz` to `/var/lib/aide/aide.db.gz`. Previously, the rule required the existence of both `/var/lib/aide/aide.db.new.gz` and `/var/lib/aide/aide.db.gz` in order to pass. Now, it requires only the existence of `/var/lib/aide/aide.db.gz` in order to pass. Rule `aide_periodic_cron_checking` has been changed to be less strict on entries in `/etc/cron.daily` and `/etc/cron.weekly`. That allows administrators to schedule the `aide --check` command with additional wrappers while staying compliant with the rule. |
| Status | ON_QA | VERIFIED | ||
| QA Contact | qe-baseos-security | mlysonek |
Back to bug 2228459