Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix audit access rules in ISM_O #12670

Merged
merged 1 commit into from
Dec 4, 2024
Merged

Fix audit access rules in ISM_O #12670

merged 1 commit into from
Dec 4, 2024

Conversation

jan-cerny
Copy link
Collaborator

The rules audit_access_failed and audit_access_success fail after building and booting a CentOS Stream 9 hardened container image with the ism_o profile. The reason is that the remediation fails to create the files required by these rules because the package audit that provides the directory /etc/audit/rules.d where these files should be created isn't installed by default. The solution is to install the audit package as a part of the profile remediation.

@jan-cerny
Fix audit access rules in ISM_O
f428b94 
The rules `audit_access_failed` and `audit_access_success` fail
after building and booting a CentOS Stream 9 hardened container image
with the `ism_o` profile. The reason is that the remediation fails
to create the files required by these rules because the package `audit`
that provides the directory `/etc/audit/rules.d` where these files
should be created isn't installed by default. The solution is to
install the `audit` package as a part of the profile remediation.
@jan-cerny jan-cerny added RHEL9 Red Hat Enterprise Linux 9 product related. Update Profile Issues or pull requests related to Profiles updates. Image Mode Bootable containers and Image Mode RHEL labels Dec 4, 2024
@jan-cerny jan-cerny added this to the 0.1.76 milestone Dec 4, 2024
@jan-cerny jan-cerny requested a review from a team as a code owner December 4, 2024 15:02
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2024

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@codeclimate CodeClimate
Copy link

codeclimate bot commented Dec 4, 2024

Code Climate has analyzed commit f428b94 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 60.9% (0.0% change).

View more on Code Climate.

@Mab879 Mab879 self-assigned this Dec 4, 2024
@Mab879 Mab879 merged commit bf4ee45 into ComplianceAsCode:master Dec 4, 2024
105 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mab879 Mab879 Mab879 approved these changes

Assignees

@Mab879 Mab879

Labels
Image Mode Bootable containers and Image Mode RHEL RHEL9 Red Hat Enterprise Linux 9 product related. Update Profile Issues or pull requests related to Profiles updates.
Projects
None yet
Milestone
0.1.76
Development

Successfully merging this pull request may close these issues.
2 participants
@jan-cerny @Mab879