Back to bug 2228466
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2023-08-02 12:22:33 UTC | Pool ID | sst_security_compliance_rhel_8 | |
| Red Hat One Jira (issues.redhat.com) | 2023-08-02 12:23:35 UTC | Link ID | Red Hat Issue Tracker RHELPLAN-164142 | |
| Milan Lysonek | 2023-08-02 14:23:33 UTC | Doc Type | If docs needed, set a value | Bug Fix |
| Doc Text | .Faillock settings clarification in STIG profile Mapping of rule accounts_passwords_pam_faillock_interval has been clarified in the STIG profile. The rule now covers both RHEL-08-020012 and RHEL-08-020013.The reason for this change in that accounts_passwords_pam_faillock_interval checks for `faillock` configuration in both `/etc/pam.d/password-auth`, `/etc/pam.d/system-auth` and `/etc/security/faillock.conf`. |
|||
| Vojtech Polasek | 2023-08-04 07:26:19 UTC | Status | NEW | POST |
| Matus Marhefka | 2023-08-08 13:09:04 UTC | Fixed In Version | scap-security-guide-0.1.69-1.el8_6 | |
| Status | POST | MODIFIED | ||
| errata-xmlrpc | 2023-08-10 10:00:52 UTC | Status | MODIFIED | ON_QA |
| Milan Lysonek | 2023-08-14 14:30:22 UTC | Status | ON_QA | VERIFIED |
| Doc Text | .Faillock settings clarification in STIG profile Mapping of rule accounts_passwords_pam_faillock_interval has been clarified in the STIG profile. The rule now covers both RHEL-08-020012 and RHEL-08-020013.The reason for this change in that accounts_passwords_pam_faillock_interval checks for `faillock` configuration in both `/etc/pam.d/password-auth`, `/etc/pam.d/system-auth` and `/etc/security/faillock.conf`. | .Faillock settings clarification in STIG profile Mapping of rule `accounts_passwords_pam_faillock_interval` has been clarified in the STIG profile. The rule now covers both RHEL-08-020012 and RHEL-08-020013.The reason for this change is that the rule `accounts_passwords_pam_faillock_interval` checks for `faillock` configuration in all of these three files: `/etc/pam.d/password-auth`, `/etc/pam.d/system-auth` and `/etc/security/faillock.conf`. The STIG ID RHEL-08-020012 checks just `/etc/pam.d/password-auth` and `/etc/pam.d/system-auth`. The STIG ID RHEL-08-020013 checks only `/etc/security/faillock.conf`. Therefore, the rule `accounts_passwords_pam_faillock_interval` covers both these STIG IDs. | ||
| QA Contact | qe-baseos-security | mlysonek |
Back to bug 2228466