Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add cron.deny Owership Rules #11185

Merged
merged 3 commits into from
Oct 10, 2023
Merged

Add cron.deny Owership Rules #11185

merged 3 commits into from
Oct 10, 2023

Conversation

Mab879
Copy link
Member

@Mab879 Mab879 commented Oct 9, 2023

Description:

  • Add two rules
    • file_owner_cron_deny
    • file_groupowner_cron_deny
  • Add the new rules to the srg_gpos control

Rationale:

Increase coverage.

@Mab879 Mab879 added RHEL9 Red Hat Enterprise Linux 9 product related. STIG STIG Benchmark related. labels Oct 9, 2023
@Mab879 Mab879 added this to the 0.1.71 milestone Oct 9, 2023
@github-actions
Copy link

github-actions bot commented Oct 9, 2023

Start a new ephemeral environment with changes proposed in this pull request:

rhel9 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate
Copy link

codeclimate bot commented Oct 9, 2023

Code Climate has analyzed commit def2fe2 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 56.9%.

View more on Code Climate.

@jan-cerny jan-cerny self-assigned this Oct 10, 2023
jan-cerny
jan-cerny approved these changes Oct 10, 2023
View reviewed changes
Copy link
Collaborator

@jan-cerny jan-cerny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have reviewed the code. The CI fail of Automatus on CS8 and SLE 15 is fine because the rule isn't part of these products but it's a part of only RHEL 9. The Automatus on CS 9 reports correctly as notapplicable because this rules is a part of a group that is machine platform. But, the rule is templated and doesn't modify the template.

@jan-cerny jan-cerny merged commit 7398d6a into ComplianceAsCode:master Oct 10, 2023
@Mab879 Mab879 deleted the add_cron_deny_rules branch October 10, 2023 12:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels
RHEL9 Red Hat Enterprise Linux 9 product related. STIG STIG Benchmark related.
Projects
None yet
Milestone
0.1.71
Development

Successfully merging this pull request may close these issues.
2 participants
@Mab879 @jan-cerny