Bug 2168063
Summary: | Rules concerning audit check for content of specific files, and not /etc/audit/audit.rules ( ex xccdf_org.ssgproject.content_rule_audit_immutable_login_uids) [rhel-8.7.0.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | RHEL Program Management Team <pgm-rhel-tools> |
Component: | scap-security-guide | Assignee: | Vojtech Polasek <vpolasek> |
Status: | CLOSED ERRATA | QA Contact: | Milan Lysonek <mlysonek> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 8.6 | CC: | ggasparb, mhaicman, mlysonek, wsato |
Target Milestone: | rc | Keywords: | Triaged, ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | scap-security-guide-0.1.66-1.el8_7 | Doc Type: | Bug Fix |
Doc Text: |
Cause:
The SCAP rule audit_immutable_login_uids used in RHEL 8 profiles stig and stig_gui is very strict and it passes only in case that the specific file contains exact text. This is, however, not strictly needed to fulfill the STIG requirement (RHEL-08-030122)
Consequence:
User is forced to use the file /etc/audit/rules.d/11-loginuid.rules with specific file content to make this rule passing. Note that the file content contains comments which should not be forced upon user.
Fix:
The new rule audit_rules_immutable_login_uids has been created and it replaced the rule audit_immutable_login_uids in RHEL8 stig and stig_gui profiles.
Result: User can now specify the "--loginuid-immutable" parameter which fulfills the rule in arbitrary file with .rules extension within /etc/audit/rules.d directory or in file /etc/audit/audit.rules; depending on usage of auditctl or augen-rules.
|
Story Points: | --- |
Clone Of: | 2151553 | Environment: | |
Last Closed: | 2023-02-21 07:15:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2151553 | ||
Bug Blocks: |
Comment 14
errata-xmlrpc
2023-02-21 07:15:08 UTC
|