Hide Forgot
Description of problem: We are scanning our systems for compliance with the RHEL 8 CIS policy.. The following 2 rules are not CIS and should be not there. ~~~ Actual results: Title Modify the System Message of the Day Banner Rule xccdf_org.ssgproject.content_rule_banner_etc_motd Ident CCE-83496-0 Result fail Title Modify the System Login Banner Rule xccdf_org.ssgproject.content_rule_banner_etc_issue Ident CCE-80763-6 Result fail ~~~ Both of these rules are to do with banner of /etc/motd and are to do with US government banner message.. Version-Release number of selected component (if applicable): scap-security-guide-0.1.54-5.el8.noarch How reproducible: Always Steps to Reproduce: 1. Register server on Insights portal 2. Assign RHEL 8 CIS policy to the server 3. Run "insights-client --compliance" command on server. Actual results: The following 2 rules are marked as false positive: ~~~ Modify the System Message of the Day Banner Modify the System Login Banner ~~~ Expected results: These rules does not exist in CIS. These are NIST rules.
Created attachment 1802416 [details] Screenshot
Fix merged in Upstream: https://github.com/ComplianceAsCode/content/pull/7690
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:1900