From c70338b534de7ca11452c44210b749632476a85e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Wed, 21 Feb 2024 18:00:41 +0100
Subject: [PATCH] Change permissions of /etc/ipsec.d
---
 .../directory_permissions_etc_ipsecd/rule.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/linux_os/guide/system/network/network-ipsec/directory_permissions_etc_ipsecd/rule.yml b/linux_os/guide/system/network/network-ipsec/directory_permissions_etc_ipsecd/rule.yml
index 3a2f54063cd..3da4fcf88c4 100644
--- a/linux_os/guide/system/network/network-ipsec/directory_permissions_etc_ipsecd/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/directory_permissions_etc_ipsecd/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 title: Verify Permissions On /etc/ipsec.d Directory
-description: '{{{ describe_file_permissions(file="/etc/ipsec.d", perms="0644") }}}'
+description: '{{{ describe_file_permissions(file="/etc/ipsec.d", perms="0700") }}}'
 rationale: |-
 Setting correct permissions on the /etc/ipsec.d directory is important
@@ -17,19 +17,19 @@ identifiers:
 cce@rhel8: CCE-86305-0
 cce@rhel9: CCE-86306-8
-ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/ipsec.d", perms="0644") }}}'
+ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/ipsec.d", perms="0700") }}}'
 ocil: |-
- {{{ ocil_file_permissions(file="/etc/ipsec.d", perms="0644") }}}
+ {{{ ocil_file_permissions(file="/etc/ipsec.d", perms="0700") }}}
 platform: package[libreswan]
-fixtext: '{{{ fixtext_file_permissions(file="/etc/ipsec.d", mode="0644") }}}'
+fixtext: '{{{ fixtext_file_permissions(file="/etc/ipsec.d", mode="0700") }}}'
-srg_requirement: '{{{ srg_requirement_file_permission(file="/etc/ipsec.d", mode="0644") }}}'
+srg_requirement: '{{{ srg_requirement_file_permission(file="/etc/ipsec.d", mode="0700") }}}'
 template:
 name: file_permissions
 vars:
 filepath: /etc/ipsec.d/
- filemode: '0644'
+ filemode: '0700'
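Review bot: The `filemode: '0700'` value at the end of the second hunk is checked on mode bits alone, so the tighter mode keeps other accounts out of the IPsec configuration only if `/etc/ipsec.d/` is also owned by root; no owner or group check is visible in this rule, so confirm that companion ownership rules cover the directory. It is also worth confirming whether the `file_permissions` template requires an exact match, because a system hardened further (for example to 0500) would then be reported as non-compliant. The same literal appears in the `description` line of the first hunk and in five places in the second, so a comment above the template value would help keep them aligned, e.g. `# directory mode: owner rwx (search bit needed), nothing for group/other; keep in sync with the macros above`. The rationale text continues outside both hunks, so whether it explains the choice of 0700 cannot be seen here.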