Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated 10 rules to support SLE Micro #12330

Merged
merged 1 commit into from
Aug 26, 2024
Merged

Updated 10 rules to support SLE Micro #12330

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 30 additions & 20 deletions controls/stig_slmicro5.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,9 @@ controls:
levels:
- high
title: SLEM 5 must disable the x86 Ctrl-Alt-Delete key sequence.
rules: []
status: pending
rules:
- disable_ctrlaltdel_reboot
status: automated

- id: SLEM-05-212010
levels:
Expand Down Expand Up @@ -250,15 +251,17 @@ controls:
title:
All SLEM 5 local interactive user home directories must have mode 750 or
less permissive.
rules: []
status: pending
rules:
- file_permissions_home_directories
status: automated

- id: SLEM-05-232035
levels:
- medium
title: All SLEM 5 local initialization files must have mode 740 or less permissive.
rules: []
status: pending
rules:
- file_permission_user_init_files
status: automated

- id: SLEM-05-232040
levels:
Expand Down Expand Up @@ -363,8 +366,9 @@ controls:
title:
All SLEM 5 local interactive user home directories must be group-owned by
the home directory owner's primary group.
rules: []
status: pending
rules:
- file_groupownership_home_directories
status: automated

- id: SLEM-05-232105
levels:
Expand Down Expand Up @@ -729,15 +733,17 @@ controls:
levels:
- high
title: There must be no .shosts files on SLEM 5.
rules: []
status: pending
rules:
- no_user_host_based_files
status: automated

- id: SLEM-05-255095
levels:
- high
title: There must be no shosts.equiv files on SLEM 5.
rules: []
status: pending
rules:
- no_host_based_files
status: automated

- id: SLEM-05-272010
levels:
Expand Down Expand Up @@ -798,17 +804,19 @@ controls:
title:
All SLEM 5 local interactive users must have a home directory assigned in
the /etc/passwd file.
rules: []
status: pending
rules:
- accounts_user_interactive_home_directory_defined
status: automated

- id: SLEM-05-411030
levels:
- medium
title:
All SLEM 5 local interactive user home directories defined in the /etc/passwd
file must exist.
rules: []
status: pending
rules:
- accounts_user_interactive_home_directory_exists
status: automated

- id: SLEM-05-411035
levels:
Expand Down Expand Up @@ -1268,15 +1276,17 @@ controls:
title:
SLEM 5 file integrity tool must be configured to verify Access Control Lists
(ACLs).
rules: []
status: pending
rules:
- aide_verify_acls
status: automated

- id: SLEM-05-651020
levels:
- medium
title: SLEM 5 file integrity tool must be configured to verify extended attributes.
rules: []
status: pending
rules:
- aide_verify_ext_attributes
status: automated

- id: SLEM-05-651025
levels:
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ identifiers:
cce@rhel10: CCE-89350-3
cce@sle12: CCE-83022-4
cce@sle15: CCE-85622-9
cce@slmicro5: CCE-93741-7

references:
disa: CCI-000366
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ identifiers:
cce@rhel10: CCE-89341-2
cce@sle12: CCE-83021-6
cce@sle15: CCE-85621-1
cce@slmicro5: CCE-93740-9

references:
disa: CCI-000366
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ identifiers:
cce@rhel10: CCE-90035-7
cce@sle12: CCE-83018-2
cce@sle15: CCE-85625-2
cce@slmicro5: CCE-93744-1

references:
cis-csc: 12,13,14,15,16,18,3,5
Expand Down
1 change: 1 addition & 0 deletions ...ystem/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ identifiers:
cce@rhel10: CCE-89933-6
cce@sle12: CCE-83075-2
cce@sle15: CCE-85627-8
cce@slmicro5: CCE-93745-8

references:
disa: CCI-000366
Expand Down
1 change: 1 addition & 0 deletions ...system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ identifiers:
cce@rhel10: CCE-86659-0
cce@sle12: CCE-83074-5
cce@sle15: CCE-85628-6
cce@slmicro5: CCE-93746-6

references:
cis@sle12: 6.2.5
Expand Down
1 change: 1 addition & 0 deletions ...x_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ identifiers:
cce@rhel10: CCE-87946-0
cce@sle12: CCE-83096-8
cce@sle15: CCE-85711-0
cce@slmicro5: CCE-93748-2

references:
cis@sle12: 6.2.7
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ identifiers:
cce@rhel10: CCE-87771-2
cce@sle12: CCE-83097-6
cce@sle15: CCE-85630-2
cce@slmicro5: CCE-93749-0

references:
disa: CCI-000366
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ identifiers:
cce@rhel10: CCE-86605-3
cce@sle12: CCE-83076-0
cce@sle15: CCE-85629-4
cce@slmicro5: CCE-93747-4

references:
cis@sle12: 6.2.6
Expand Down
1 change: 1 addition & 0 deletions linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ identifiers:
cce@rhel10: CCE-89640-7
cce@sle12: CCE-83150-3
cce@sle15: CCE-85623-7
cce@slmicro5: CCE-93742-5

references:
cis-csc: 2,3
Expand Down
1 change: 1 addition & 0 deletions ...ide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ identifiers:
cce@rhel10: CCE-89625-8
cce@sle12: CCE-83151-1
cce@sle15: CCE-85624-5
cce@slmicro5: CCE-93743-3

references:
cis-csc: 2,3
Expand Down
9 changes: 0 additions & 9 deletions shared/references/cce-slmicro5-avail.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,16 +35,7 @@ CCE-93736-7
CCE-93737-5
CCE-93738-3
CCE-93739-1
CCE-93740-9
CCE-93741-7
CCE-93742-5
CCE-93743-3
CCE-93744-1
CCE-93745-8
CCE-93746-6
CCE-93747-4
CCE-93748-2
CCE-93749-0
CCE-93750-8
CCE-93751-6
CCE-93752-4
Expand Down
Loading