Ubuntu 24.04 1.3.1.1 Ensure AppArmor is installed

ComplianceAsCode · Dec 10, 2024 · dbf6e30 · dbf6e30
1 parent f1d163c
commit dbf6e30
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 4 deletions.
diff --git a/components/apparmor.yml b/components/apparmor.yml
@@ -10,4 +10,5 @@ rules:
 - apparmor_configured
 - grub2_enable_apparmor
 - package_apparmor_installed
+- package_apparmor-utils_installed
 - package_pam_apparmor_installed
diff --git a/controls/cis_ubuntu2404.yml b/controls/cis_ubuntu2404.yml
@@ -368,11 +368,11 @@ controls:
     levels:
       - l1_server
       - l1_workstation
-    related_rules:
+    rules:
       - package_apparmor_installed
-    status: planned
-    notes: TODO. Partial/incorrect implementation exists.See related rules. Analogous to ubuntu2204/1.6.1.1.
-
+      - package_apparmor-utils_installed
+    status: automated
+    
   - id: 1.3.1.2
     title: Ensure AppArmor is enabled in the bootloader configuration (Automated)
     levels:

diff --git a/linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml b/linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml
@@ -0,0 +1,17 @@
+documentation_complete: true
+
+title: 'Ensure AppArmor Utils is installed'
+
+description: |-
+    AppArmor provide Mandatory Access Controls.
+
+rationale: |-
+    Without a Mandatory Access Control system installed only the default
+    Discretionary Access Control system will be available.
+
+severity: medium
+
+template:
+    name: package_installed
+    vars:
+        pkgname: apparmor-utils