diff --git a/files/scap-security-guide-add-almalinux9-product.patch b/files/scap-security-guide-add-almalinux9-product.patch
index fd4a8af..bef9e81 100644
--- a/files/scap-security-guide-add-almalinux9-product.patch
+++ b/files/scap-security-guide-add-almalinux9-product.patch
@@ -1,749 +1,460 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 59e3de4d5..ae0148019 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -87,6 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
- # project. Note that the example product is always disabled unless explicitly asked for.
- option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-+option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-@@ -317,6 +318,7 @@ message(STATUS " ")
- message(STATUS "Products:")
- message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}")
- message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}")
-+message(STATUS "AlmaLinux 9: ${SSG_PRODUCT_ALMALINUX9}")
- message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}")
- message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}")
- message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}")
-@@ -382,6 +384,9 @@ endif()
- if(SSG_PRODUCT_ALINUX3)
- add_subdirectory("products/alinux3" "alinux3")
- endif()
-+if(SSG_PRODUCT_ALMALINUX9)
-+ add_subdirectory("products/almalinux9" "almalinux9")
-+endif()
- if(SSG_PRODUCT_ANOLIS8)
- add_subdirectory("products/anolis8" "anolis8")
- endif()
-diff --git a/build_product b/build_product
-index 8685fffc6..f8c3e0203 100755
---- a/build_product
-+++ b/build_product
-@@ -359,6 +359,7 @@ all_cmake_products=(
- AL2023
- ALINUX2
- ALINUX3
-+ ALMALINUX9
- ANOLIS8
- ANOLIS23
- CHROMIUM
-diff --git 
a/components/rpm.yml b/components/rpm.yml
-index f32f248ad..eb6b16ee4 100644
---- a/components/rpm.yml
-+++ b/components/rpm.yml
-@@ -17,6 +17,7 @@ rules:
- - ensure_oracle_gpgkey_installed
- - ensure_package_repositories_are_configured
- - ensure_redhat_gpgkey_installed
-+- ensure_almalinux_gpgkey_installed
- - ensure_amazon_gpgkey_installed
- - ensure_suse_gpgkey_installed
- - package_dnf-automatic_installed
diff --git a/controls/anssi.yml b/controls/anssi.yml
-index a03a06d56..86d42ae18 100644
+index 43258e5de..705a8284d 100644
--- a/controls/anssi.yml
+++ b/controls/anssi.yml -@@ -1244,7 +1244,7 @@ controls: - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_local_packages -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_oracle_gpgkey_installed +@@ -1254,7 +1254,7 @@ controls: + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_local_packages +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_oracle_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - id: R60 -@@ -1363,7 +1363,6 @@ controls: - When authentication takes place through a remote application (network), - the authentication protocol used by PAM must be secure (flow encryption, - remote server authentication, anti-replay mechanisms, ...). -- {{% if "rhel" in product or "ol" in families %}} - notes: |- - In {{{ full_name }}} systems, remote authentication is handled through sssd service. - PAM delegates requests for remote authentication to this service through a -@@ -1386,10 +1385,6 @@ controls: - {{% endif %}} - related_rules: - - package_sssd-ipa_installed -- {{% else %}} -- notes: We cannot automate securing of remote PAM authentication in a general way. -- status: manual -- {{% endif %}} +diff --git a/controls/cis_almalinux9.yml b/controls/cis_almalinux9.yml +index 0b8a8ecaf..963d5df62 100644 +--- a/controls/cis_almalinux9.yml ++++ b/controls/cis_almalinux9.yml +@@ -363,7 +363,7 @@ controls: + - l1_workstation + status: manual + related_rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed - - id: R68 - title: Protecting stored passwords + - id: 1.2.1.2 + title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml -index 825328bc2..f8f2e295a 100644 +index 6e9f1a526..f2fb754fa 100644 --- a/controls/cis_rhel10.yml 
+++ b/controls/cis_rhel10.yml -@@ -365,7 +365,7 @@ controls: - - l1_workstation - status: manual - related_rules: -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed +@@ -368,7 +368,7 @@ controls: + - l1_workstation + status: manual + related_rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed - - id: 1.2.1.2 - title: Ensure gpgcheck is globally activated (Automated) + - id: 1.2.1.2 + title: Ensure gpgcheck is configured (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index 95b94d22f..1840be10e 100644 +index a5b889cd5..5c9c9af89 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml -@@ -353,7 +353,7 @@ controls: - - l1_workstation - status: manual - related_rules: -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed +@@ -356,7 +356,7 @@ controls: + - l1_workstation + status: manual + related_rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed - - id: 1.2.2 - title: Ensure gpgcheck is globally activated (Automated) -diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml -index 9004c8426..916505823 100644 ---- a/controls/cis_rhel9.yml -+++ b/controls/cis_rhel9.yml -@@ -360,7 +360,7 @@ controls: - - l1_workstation - status: manual - related_rules: -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - - id: 1.2.1.2 - title: Ensure gpgcheck is globally activated (Automated) + - id: 1.2.2 + title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/e8.yml b/controls/e8.yml -index 49a58ef29..ebbffc918 100644 +index eecf857ad..4000844eb 100644 --- a/controls/e8.yml 
+++ b/controls/e8.yml -@@ -23,7 +23,7 @@ controls: - - service_avahi-daemon_disabled - - package_squid_removed - - service_squid_disabled -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_globally_activated +@@ -24,7 +24,7 @@ controls: + - service_avahi-daemon_disabled + - package_squid_removed + - service_squid_disabled +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_globally_activated diff --git a/controls/hipaa.yml b/controls/hipaa.yml -index 3de4d53c2..8e5d4f27d 100644 +index 0f5470740..f0b1b567a 100644 --- a/controls/hipaa.yml 
+++ b/controls/hipaa.yml -@@ -163,7 +163,7 @@ controls: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - status: automated - -@@ -1377,7 +1377,7 @@ controls: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - status: automated - -@@ -1407,7 +1407,7 @@ controls: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - status: automated - -@@ -1426,7 +1426,7 @@ controls: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - status: automated - -@@ -1699,7 +1699,7 @@ controls: - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled - - ensure_gpgcheck_repo_metadata -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - status: automated +@@ -170,7 +170,7 @@ controls: + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_repo_metadata +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + status: automated +@@ -1388,7 +1388,7 @@ controls: + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_repo_metadata +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + status: automated +@@ -1419,7 +1419,7 @@ controls: + - 
ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_repo_metadata +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + status: automated +@@ -1439,7 +1439,7 @@ controls: + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_repo_metadata +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + status: automated +@@ -1720,7 +1720,7 @@ controls: + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + - ensure_gpgcheck_repo_metadata +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + status: automated +diff --git a/controls/ism_o.yml b/controls/ism_o.yml +index f697010f5..c3f5e7bd9 100644 +--- a/controls/ism_o.yml ++++ b/controls/ism_o.yml +@@ -603,7 +603,7 @@ controls: + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - dnf-automatic_security_updates_only + status: automated diff --git a/controls/ospp.yml b/controls/ospp.yml -index 8e3f400ed..4d724aa2b 100644 +index d3f59d9a2..5c5bbc813 100644 --- a/controls/ospp.yml 
+++ b/controls/ospp.yml -@@ -448,7 +448,7 @@ controls: - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - status: automated +@@ -447,7 +447,7 @@ controls: + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + status: automated - - id: FPT_TUD_EXT.2 -@@ -462,7 +462,7 @@ controls: - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_local_packages - - ensure_gpgcheck_never_disabled -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - status: automated + - id: FPT_TUD_EXT.2 +@@ -461,7 +461,7 @@ controls: + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + status: automated - - id: FPT_TST_EXT.1 + - id: FPT_TST_EXT.1 diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml -index 17b688dfa..23bbc421c 100644 +index 087341f71..3243d6f5a 100644 --- a/controls/pcidss_4.yml 
+++ b/controls/pcidss_4.yml -@@ -1554,7 +1554,7 @@ controls: - - base - status: automated +@@ -1555,7 +1555,7 @@ controls: + - base + status: automated + rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed + - ensure_gpgcheck_globally_activated +diff --git a/controls/stig_rhel8.yml b/controls/stig_rhel8.yml +index 6bd332f68..41f580913 100644 +--- a/controls/stig_rhel8.yml ++++ b/controls/stig_rhel8.yml +@@ -3172,7 +3172,7 @@ controls: + - medium + title: RHEL 8 must ensure cryptographic verification of vendor software packages. rules: -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_never_disabled -diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -index dbec9fe45..c237f1be4 100644 ---- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -+++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -@@ -21,5 +21,8 @@ controls: - {{% if 'ol' in product %}} - - ensure_oracle_gpgkey_installed - {{% endif %}} -+ {{% if 'almalinux' in product %}} -+ - ensure_almalinux_gpgkey_installed -+ {{% endif %}} - - status: automated -diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml -index b7197b06a..aa351548c 100644 ---- a/controls/stig_rhel9.yml -+++ b/controls/stig_rhel9.yml -@@ -377,7 +377,7 @@ controls: - - medium - title: RHEL 9 must ensure cryptographic verification of vendor software packages. 
- rules: -- - ensure_redhat_gpgkey_installed -+ - ensure_almalinux_gpgkey_installed - status: automated - - - id: RHEL-09-214015 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh -index 53e61fb25..e9a0edcde 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - - # Perform the remediation for the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh -index 8a48783f6..b846f8113 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - - # Perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ 
bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ 
bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - {{{ 
bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ 
bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml -index 590a5ff6b..5ceb15d9b 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml -index bdf3015c4..658327033 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -index 1ee266d25..a32ed4e88 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian - # reboot = false - # complexity = low - # disruption = low -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml -index 7c8e520c1..e5c1d9d93 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -index 6d545f87c..613960cbc 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - # reboot = false - # complexity = low - # disruption = low -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml -index 639d76a21..7f4d463d6 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml -index 73a9f1dff..6daf2c30b 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian - # reboot = false - # complexity = low - # disruption = low -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml -index 083a612a0..3228b89b7 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh -index 009564309..784bba987 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 - # packages = audit - - rm -f /etc/audit/rules.d/* -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh 
b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
-index 1ea2bcfa9..06d0f131a 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
+- - ensure_redhat_gpgkey_installed
++ - ensure_almalinux_gpgkey_installed
+ status: automated
+ - id: RHEL-08-010358
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
-index e8b40c40b..e5236edeb 100644
+index 536e45f3a..6fc5182e2 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
-index b1e45d310..ad0406008 100644
+index e1aedcc12..041b3a99a 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
-index c602f8e49..9ad785f22 100644
+index 19e56d957..62dc263da 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
-index 00e9c031c..af04b3b7e 100644
+index 03066622a..00b22dffc 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
-index 8c380177f..7cb0a78a9 100644
+index 5997a0f4b..f8b934477 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
-index a321ab78b..a54b2e4d6 100644
+index 6614a0151..2d8a70c4d 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
-index e2750dbee..f6561744c 100644
+index ca6cb501c..6e94b709f 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
-index d8379bfe5..eff862abe 100644
+index 4cf3be21b..634990a72 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
-index cbbcb5f67..6e8ac702e 100644
+index a943dcd2f..5a5c849c4 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
-index 22b979187..ff6aa93e4 100644
+index a3feca25d..eb3da476b 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
-index afdeb73d1..71066fdfb 100644
+index 4cee4cfb3..09d901e81 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
-index b14bc1951..3788e02a3 100644
+index b15a095da..44c6a0115 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
- # profiles = xccdf_org.ssgproject.content_profile_cis
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
-index b3f4eb102..e6bb717eb 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
- # reboot = false
- # strategy = configure
- # complexity = low
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-index 3526d3fea..046a977ca 100644
+index 48bf48bd2..0c9d7c81e 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-index 1fbd8ba8a..65ac95bb2 100644
+index 5d91bba64..5d53ea73c 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-index 20fee9f76..71dfe4b3c 100644
+index 92186611b..ee66ac9dc 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-index 5cc15361e..2e18c47f0 100644
+index 7e041ef90..1d5b3127b 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
-index dc7ae3bdf..ff7f21c64 100644
+index a6592b8e1..9962409ea 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
{{{ setup_auditctl_environment() }}}
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-index ee36da807..bd848737d 100644
+index d5c338857..af5946007 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
# augenrules is default for rhel7
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-index b6aabf247..8405f0ba1 100644
+index 0a16a0c50..8a4e1608a 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# packages = audit
# remediation = none
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
-index 12f1b429a..8dea24479 100644
+index adbf71ccf..cac9509dd 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-index 711bae803..617ff1b33 100644
+index 2f01315e0..0fcf5d593 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
-index d272fd1d5..f7c0fec7d 100644
+index 2c3c6124c..0e5ad3011 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
-index ecda20ef9..115487067 100644
+index ee2c9ce79..cabf11a5b 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-index 51482922f..4ac366ec9 100644
+index 43e72845c..b16ac83f1 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
+-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
# change key of rules for binaries in /usr/sbin
@@ -760,66 +471,66 @@ index 6ef31d987..2da0682e0 100644
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
-index 45acc82b6..2505b138b 100644
+index a45b84843..f4e964bc1 100644
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
@@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu . $SHARED/partition.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh -index 79c0bb972..2968492ac 100644 +index 1f42f8652..e2dbd9bd9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/rules.d/privileged.rules 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh -index a8667bbfb..471d2aff2 100644 +index e58060ff7..556cd112a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules echo "-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh -index b2e18d1cd..5c56cdb6d 100644 +index 8f3c02693..0d251f46b 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh -index 81fc6dd16..9c3f84ef8 100644 +index 2dba37605..c9684121a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml -index 6c114c13c..5c5f7185c 100644 +index f0ea21841..6f744d05b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml @@ -1,4 +1,4 @@ 
@@ -838,56 +549,6 @@ index f4fff8181..6c379ca01 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml -index 44feb6dc4..7a5b0fa5e 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh -index c4c78f756..c9c2d7239 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_debian,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_debian,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - # Perform the remediation for both possible tools: 'auditctl' 
and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml -index 7e18fe435..a27adad2d 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh -index 102d4b40b..f9a428790 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_debian,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_debian,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}} -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -index b57078075..5d03b92a6 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - # Traverse all of: - # diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml index 26d02c24e..28daa9106 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml 
@@ -899,36 +560,6 @@ index 26d02c24e..28daa9106 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml -index 94768073f..6fd009b50 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml -index e55119fd1..2e7514b51 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh -index 79440e79b..614a4e09c 100644 ---- 
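Review bot: The removed lines in this hunk drop the carried patch's own `# platform` edits for audit_rules_immutable_login_uids and audit_rules_mac_modification (ansible and bash) without any replacement on the new side, and the following hunks do the same for audit_rules_mac_modification_usr_share, audit_rules_networkconfig_modification, audit_rules_session_events, audit_rules_suid_privilege_function, audit_rules_sysadmin_actions, audit_rules_usergroup_modification and the audit_time_rules remediations. That is only correct if the rebased upstream base already carries `multi_platform_almalinux` in each of those headers; nothing in this diff shows it, so a dropped hunk would silently leave AlmaLinux 9 without the remediation while the rule still appears in its profiles. It would be worth confirming against the new base before merging, for example with a grep for headers under linux_os/guide/auditing/auditd_configure_rules that still lack `multi_platform_almalinux`, and recording the result in the commit message. The hunks that keep their edits (the augenrules test scripts and audit_rules_suid_auid_privilege_function) look consistent, adding `multi_platform_almalinux` directly after `multi_platform_rhel` as before.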
a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/etc/selinux/", "wa", "MAC-policy") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml index 889f83178..7896d4cb1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml 
@@ -940,66 +571,6 @@ index 889f83178..7896d4cb1 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml -index 496670fad..a9cce0a56 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh -index b61368c0c..eb3bf47f9 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/usr/share/selinux/", "wa", "MAC-policy") }}} -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -index fb56e5550..ea6929b63 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian - # reboot =false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -index 1e040de05..65a6c1127 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml 
b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -index 58be87f4b..3adce26dc 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -index bd42cc0f1..366b790a4 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml index 8b2377d44..39c2bba69 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml @@ -1012,42 +583,22 @@ index 8b2377d44..39c2bba69 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml -index 0e882f8c9..e18326c0d 100644 +index 9c5b7d2eb..cae43ea29 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_rhel,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh -index 15d6fa4e2..7f98c9915 100644 +index dd0efe72d..c3e8fc990 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux - - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -index 340551b27..3dcf0ed87 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -index 424d65c1f..f787822c0 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_debian 
# First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -1062,16 +613,6 @@ index 323a798b1..46fad7416 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -index 1dfe6124c..7e915ca96 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml index 336beb2b7..26c47e462 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml 
@@ -1083,25 +624,6 @@ index 336beb2b7..26c47e462 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh -index 07965e2c7..908fa6e54 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -index 24b4da6b6..1b2b4dd27 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml index 49c97e395..51f48c0f9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml @@ -1113,16 +635,6 @@ index 49c97e395..51f48c0f9 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -index c511ede45..617b679c5 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml index ec76157d4..0f9e9f7cc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml 
@@ -1134,15 +646,6 @@ index ec76157d4..0f9e9f7cc 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -index b7f44ab38..e6b1d1856 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - - {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml index 3f43030e9..85e9a47c8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml 
@@ -1154,15 +657,6 @@ index 3f43030e9..85e9a47c8 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -index b7f44ab38..e6b1d1856 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - - {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml index 8a58bbc38..1a73014dc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml 
@@ -1174,37 +668,6 @@ index 8a58bbc38..1a73014dc 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -index 0899dcded..fa722e21d 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' - {{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -index 140506b60..4290a051f 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - # reboot = true - # strategy = restrict - # complexity = low -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml -index ec17adf55..0ecb4079c 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh index 09d4e8ff5..6a8e8bdab 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh 
@@ -1217,310 +680,66 @@ index 09d4e8ff5..6a8e8bdab 100644 groupadd group_test -diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh -index 0dad1bfe1..29632f729 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - - if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then - DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev) -diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh -index 7e8c49123..999d914cd 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - source common_0700.sh - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh -index 7cfadc195..3bb0cefbb 100644 ---- 
a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - source common_0700.sh - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh -index 3654389ed..64e3e8ebc 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - source common_0700.sh - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh -index b93254a4b..c7d66ccbb 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - source 
common_0700.sh - diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh -index 6f19e15c6..b1d995c61 100644 +index 1343cfbf2..3241e6cdc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_fedora if grep -iwq "log_file" /etc/audit/auditd.conf; then FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh -index cf4b02b90..cd69f17c2 100644 +index d7c821524..f7fd9a307 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_rhel -+# platform = multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_rhel,multi_platform_almalinux if grep -iwq "log_file" /etc/audit/auditd.conf; then FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh -index 3a0d9a4e9..ab43ceb2b 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - #!/bin/bash - - sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh -index 1879113b8..8798ae1ae 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - #!/bin/bash - - sed -i "/^\s*log_file.*/d" 
/etc/audit/auditd.conf -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml -index 722f6731a..7f1879db2 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh -index 0b42da512..013401d8c 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - - if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then - FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh -index 15023ca70..488ef3e3f 100644 ---- 
a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # packages = audit - - source common_0600.sh -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh -index 04d76809f..6475f83ae 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # packages = audit - - source common_0600.sh -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh -index aea9d1b10..3f045e4c7 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # packages = audit - - source common_0600.sh -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh -index 003e3330f..368540adc 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # packages = audit - - source common_0600.sh -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -index 083f32d74..655635941 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -index e5743cfad..b60215a3e 100644 ---- 
a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_audispd_remote_server") }}} - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml -index d4ba66ac7..de8c26b9c 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh -index 76c1ad183..18a751f06 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh -+++ 
b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_audispd_disk_full_action") }}} - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml -index d238e7277..cbeae4d55 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh -index 90f6fbc93..d64b401df 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat 
Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_audispd_network_failure_action") }}} - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh -index 28d00f26e..bf391529f 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - . 
$SHARED/auditd_utils.sh - prepare_auditd_test_enviroment -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh -index fea488a3e..62a08e1c7 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - . $SHARED/auditd_utils.sh - prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh -index caf9766f5..e559c56ae 100644 +index 0a5e51c3f..a6b1538fc 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora - # remediation = bash +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora . $SHARED/auditd_utils.sh + prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh -index c87268eae..d28fac1a9 100644 +index 028fbc3f9..3bd65184f 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # remediation = bash . $SHARED/auditd_utils.sh 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
-index 0bb1518ef..d1023b9e6 100644
+index 91b198fad..fd937e57d 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
@@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # remediation = bash . $SHARED/auditd_utils.sh -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml -index b075778f5..d9baf1b4f 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh -index d0065b38c..7027992a4 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 
4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}} - diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml 
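Review bot: The rebased header for `file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh` now reads `# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_rhel,multi_platform_almalinux`, which lists both `multi_platform_rhel` and `multi_platform_almalinux` twice; the duplication looks like a mechanical "append almalinux after every rhel" applied to an upstream line that already repeats `multi_platform_rhel` where the sibling pass test has `multi_platform_fedora`. Within this patch the second `multi_platform_almalinux` should be dropped, `# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_rhel`, and the repeated `multi_platform_rhel` reported upstream rather than silently corrected here. The three `auditd_audispd_syslog_plugin_activated` tests change the product label from `AlmaLinux 9` to `AlmaLinux OS 9`; as far as I can tell that string must match the product's declared full name exactly, since a scenario whose `# platform =` entry matches no product is simply not selected for it and nothing flags the mismatch, so the rename should be checked against the product definition, which is not part of this diff. The same hunk drops the earlier `multi_platform_almalinux` additions to a number of bash and ansible remediation headers (e.g. `directory_permissions_var_log_audit/bash/shared.sh`); presumably upstream now carries them, but if it does not, those remediations stop applying to AlmaLinux 9 without any build error.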
@@ -1532,26 +751,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml -index 06f4a10c6..ba788edbf 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh -index 78726bbc6..0a36846ab 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}} - diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml index 55f407e01..b9084af21 100644 
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml @@ -1563,26 +762,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml -index 4205bb067..d7a1a4d8b 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -index 698076ac8..e59677252 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}} - 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
@@ -1594,26 +773,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
-index 61cc4751d..7f66a5c15 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
-index 8ab6e16ab..110211558 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
@@ -1625,46 +784,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
-index bcb4b0de9..2f6e309d3 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
-index 06d79abb6..258378a89 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}}
- 
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
-index 49efdc918..ab901e892 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
-index f377a92dd..44680a119 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_auditd_admin_space_left_action") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
@@ -1676,26 +795,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
-index 9c8afcfa3..53a6da7e0 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
-index 79b916559..40632d099 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_auditd_flush") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml 
@@ -1707,98 +806,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh -index ba44b2bb5..303e1d8f7 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh -index a8f68412c..0c0d35e0d 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh 
b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh -index f3301e81a..eb39696dd 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh -index 64ebd312f..c43471049 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh -index f6e0c1088..a51782746 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh -+++ 
b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh -index 47f3daf89..5cab1da02 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # profiles = xccdf_org.ssgproject.content_profile_ospp - # remediation = bash - -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml -index c70cd104e..c97fbf56e 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 
4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh -index 8a53bf847..95c5446b6 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_auditd_max_log_file") }}} - diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml 
@@ -1810,26 +817,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
-index 69ae3cb89..f48f36569 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
-index 5007f965f..4c06ea831 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
@@ -1841,26 +828,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
-index 69ae3cb89..f48f36569 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
-index 4609f8ec9..f4b4664e3 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
@@ -1872,16 +839,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
-index 7deaa0607..748a59d80 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
@@ -1893,26 +850,6 @@ index 55f407e01..b9084af21 100644
 # reboot = true
 # strategy = restrict
 # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
-index ab0bea58e..a6158699d 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
-index a53f062b5..e0200450d 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("var_auditd_space_left") }}}
- 
 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
 index 55f407e01..b9084af21 100644
 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
@@ -1924,26 +861,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -index bf6dec7e1..5ab7ec344 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -index e6a508f32..4be7f5b35 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_auditd_space_left_action") }}} - 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml @@ -1988,26 +905,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml -index 64042da08..2a1e5e6d8 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh -index 638b566dc..8c5acfbe9 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # reboot = true - # strategy = restrict - # complexity = low 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml @@ -2019,26 +916,6 @@ index 55f407e01..b9084af21 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml -index 37fc1df9b..18d04768e 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh -index aba1bf099..e628e189c 100644 ---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh -+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # reboot = true - # strategy = restrict - # complexity = low 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml index 55f407e01..b9084af21 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml @@ -2051,7 +928,7 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml -index b14a9d1ea..bae972a3d 100644 +index 8ce3a4141..4e02b8282 100644 --- a/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml @@ -28,7 +28,7 @@ severity: medium @@ -2097,7 +974,7 @@ index 413293083..3f8c50a39 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml -index 07f1995d3..30466b97c 100644 +index 31dacde7e..0ba58ad84 100644 --- a/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml @@ -27,7 +27,7 @@ severity: medium @@ -2143,7 +1020,7 @@ index f62426900..bd3ddd10a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml -index 6e54357fb..e5dc076dd 100644 +index dff42045c..e41212dc6 100644 --- a/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml @@ -36,7 +36,7 @@ severity: medium @@ -2178,7 +1055,7 @@ index 08c8dc855..e9277f263 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml -index 8f2967b86..497e9d14e 100644 +index 6dde3307f..d13c8046f 100644 --- a/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml @@ -30,7 +30,7 @@ severity: medium @@ -2202,7 +1079,7 @@ index dab3d0eaa..620596c44 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml -index fd0c14485..2c74a5745 100644 +index f3d51b3fe..849e07c63 100644 --- a/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml @@ -28,7 +28,7 @@ severity: medium @@ -2248,7 +1125,7 @@ index bff04fe4c..a56d7f18f 100644 {{% set file_contents = """## Successful file delete -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml -index de80eee5e..8b847c0fb 100644 +index 6f39f271c..ce89fdfe9 100644 --- a/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml @@ -26,7 +26,7 @@ severity: medium @@ -2305,7 +1182,7 @@ index 2d9279849..ec6477378 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml -index b3c3f4df7..0edd1130c 100644 +index d7bd0b785..3cbbc87f1 100644 --- a/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml 
@@ -36,7 +36,7 @@ severity: medium @@ -2351,7 +1228,7 @@ index c6f796967..7a6e545c4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml -index eb6c21648..001790bdd 100644 +index cc6712432..fc9c319ee 100644 --- a/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml @@ -31,7 +31,7 @@ severity: medium @@ -2421,7 +1298,7 @@ index 231034a9c..460877cec 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml -index 6002067e5..0515753c4 100644 +index 96ee57492..09bfe412b 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2432,10 +1309,10 @@ index 6002067e5..0515753c4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml -index 43c10850f..d856b0849 100644 +index f9f327973..9a8366d84 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml -@@ -142,7 +142,7 @@ severity: medium +@@ -149,7 +149,7 @@ severity: medium # on RHEL9+ there are rules which cover particular hardware architectures # so do not apply this rule but apply the specific one instead @@ -2445,7 +1322,7 @@ index 43c10850f..d856b0849 100644 - not aarch64_arch and not ppc64le_arch {{% endif %}} 
diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml -index c122b209f..d1f676a94 100644 +index ac946bfe0..7480f574f 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2456,7 +1333,7 @@ index c122b209f..d1f676a94 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml -index fa81ece03..7a26684d2 100644 +index 23940aca3..8775144da 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -2467,7 +1344,7 @@ index fa81ece03..7a26684d2 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml -index da5675b52..fc4ab9d98 100644 +index d9fbc3779..0437fc30f 100644 --- a/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml @@ -28,7 +28,7 @@ severity: medium @@ -2480,7 +1357,7 @@ index da5675b52..fc4ab9d98 100644 - not aarch64_arch and not ppc64le_arch {{% endif %}} diff --git a/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml -index acad2197a..a6e2ba04a 100644 +index 25c32a08b..5b3ebd1c3 100644 --- a/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml 
@@ -26,7 +26,7 @@ severity: medium @@ -2493,7 +1370,7 @@ index acad2197a..a6e2ba04a 100644 - not aarch64_arch and not ppc64le_arch {{% endif %}} diff --git a/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml -index c3dc80d3e..893cdfd44 100644 +index 97b8a1583..fed5769af 100644 --- a/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml @@ -28,7 +28,7 @@ severity: medium @@ -2506,7 +1383,7 @@ index c3dc80d3e..893cdfd44 100644 - not aarch64_arch and not ppc64le_arch {{% endif %}} diff --git a/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml -index b4d600325..641e734d9 100644 +index c95c2a0f4..caab9a3ff 100644 --- a/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml +++ b/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml @@ -26,7 +26,7 @@ severity: medium 
@@ -2518,28 +1395,18 @@ index b4d600325..641e734d9 100644
platforms:
- not aarch64_arch and not ppc64le_arch
{{% endif %}}
-diff --git a/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml b/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml
-index 89d6152dc..7afbf02b7 100644
---- a/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
-index 1f6a233ed..9f3a4d6b4 100644
---- a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
-+++ b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
-
- kdump --disable
+diff --git a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
+index 1e575a03c..45bfed419 100644
+--- a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
++++ b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
+@@ -1,4 +1,4 @@
+-{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "rhel10", "sle12", "sle15"] %}}
++{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "almalinux9", "rhel10", "sle12", "sle15"] %}}
+ {{% set package_name = "cronie" %}}
+ {{% else %}}
+ {{% set package_name = "cron" %}}
diff --git a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
-index 7977cba9f..f382450ee 100644
+index d54589c84..8124ad459 100644
--- a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
@@ -1,4 +1,4 @@
@@ -2548,18 +1415,8 @@ index 7977cba9f..f382450ee 100644
{{% set service_name = "crond" %}}
{{% else %}}
{{% set service_name = "cron" %}}
-diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
-index 646e63f4b..cb346ebf4 100644
---- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
-+++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
-
-
- # Use LDAP for authentication
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
-index a0330236a..89efc61e4 100644
+index 59218a0ea..daba64fed 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
@@ -1,4 +1,4 @@
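Review bot: Dropping the carried `multi_platform_almalinux` additions for `service_auditd_enabled/kubernetes/shared.yml` and `service_kdump_disabled/anaconda/shared.anaconda` (the `-diff` sections at the top of this hunk) is only safe if the new upstream base already lists AlmaLinux in those `# platform =` lines, and nothing in the patch records that this was checked. A missing platform entry does not fail the build; it silently makes the kickstart `kdump --disable` and the auditd MachineConfig not apply to AlmaLinux 9, which is a quiet regression in the hardening content. Presumably these were removed because upstream merged them, but I would confirm by grepping the rebased tree for `multi_platform_almalinux` in both files and state it in the patch description. The added `package_cron_installed/rule.yml` change itself looks right: placing `"almalinux9"` directly after `"rhel9"` matches the ordering used in the other product lists in this patch, and the `cronie` package name is the one AlmaLinux 9 ships as a RHEL 9 rebuild.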
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh -index 001ead7d6..1fc220d8a 100644 +index 43e16c187..b2af04b32 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -2578,26 +1435,6 @@ index 001ead7d6..1fc220d8a 100644 {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}} -diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -index ef8290b59..ad730ee5c 100644 ---- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -index befe1acf3..e36b1fd3e 100644 ---- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} - diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh index 4963780f8..c3bc5b0de 100644 --- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh 
@@ -2622,16 +1459,6 @@ index fdfe38968..92a468e1e 100644 {{{ bash_package_remove("ntp") }}} -diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -index 524cdc7d0..2678708d2 100644 ---- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -+++ b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - - - {{{ bash_replace_or_append(chrony_conf_path, '^port', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml index c435df983..b80ffbf7b 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml @@ -2643,16 +1470,6 @@ index c435df983..b80ffbf7b 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -index 25b768688..a1e46bc12 100644 ---- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - - - {{{ bash_replace_or_append(chrony_conf_path, '^cmdport', '0', '%s %s') }}} diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml index c435df983..b80ffbf7b 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml 
@@ -2723,238 +1540,11 @@ index c435df983..b80ffbf7b 100644 # reboot = true # strategy = restrict # complexity = low -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -index b7eaee763..ceeb3228c 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh -index 2e3d4e406..a348b99df 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # packages = chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh -index b75e59c2e..6c3415c34 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # packages = chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh -index e7c266e7f..7ce4dd93a 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - # packages = chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh -index 7b9cbcb9a..154effcbd 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - # packages = chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh -index 0b8c54cfb..7a44d477b 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # packages = 
chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh -index 69908e41f..0c506bca3 100644 ---- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # packages = chrony - - -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh -index b2427c1d5..2d62ca68b 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - echo "" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh -index 16c634e0a..e0e0b136a 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - rm -f {{{ 
chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh -index 56b414e2e..c28bc2f7f 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - echo "some line" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh -index 01a21e0b0..3b8082c73 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - sed -i "^pool.*" {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh -index 6f45a555f..5d03e6e21 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - sed -i "^server.*" {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh -index ec9e58c75..1a31ccf74 100644 ---- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - sed -i "^pool.*" {{{ chrony_conf_path }}} - echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -index d74bde623..8f83241cd 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -index 56cee5abd..a8d771d62 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash - # packages = chrony 
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "pool 0.pool.ntp.org" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -index 50e0715cc..e75a1ec07 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "" > {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -index d89bdb1e5..a56b2e0dc 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - rm -f {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -index ce121222a..3c7d36f8b 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -@@ -1,6 +1,6 @@ - 
#!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "some line" > {{{ chrony_conf_path }}} - echo "another line" >> {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -index 917d2e610..eccff3389 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} - echo "server 1.pool.ntp.org" >> {{{ chrony_conf_path }}} -diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -index 5f0ad2c6e..7c6175efb 100644 ---- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash - # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - echo "server " > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml -index 722c975d6..0729c839f 100644 +index d41c69ef3..67f85b0d5 100644 
--- a/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml +++ b/linux_os/guide/services/ntp/service_ntpd_enabled/rule.yml -@@ -48,7 +48,7 @@ template: +@@ -50,7 +50,7 @@ template: platform: package[ntp] @@ -2964,10 +1554,10 @@ index 722c975d6..0729c839f 100644 - general: The
ntp
package is not available in {{{ full_name }}}. Please diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -index 6122e38ba..dc82f69a1 100644 +index c1e0d7193..fad409f48 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml -@@ -44,7 +44,7 @@ template: +@@ -42,7 +42,7 @@ template: vars: pkgname: xinetd @@ -2977,10 +1567,10 @@ index 6122e38ba..dc82f69a1 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -index a4dae4c52..1aa60e19f 100644 +index 1878cf937..68d66c48c 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -@@ -38,7 +38,7 @@ template: +@@ -39,7 +39,7 @@ template: pkgname: ypbind pkgname@debian12: ypbind-mt @@ -2990,7 +1580,7 @@ index a4dae4c52..1aa60e19f 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -index 26c2c2e80..e553ff595 100644 +index ab37fab3c..611fe2360 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml @@ -46,7 +46,7 @@ template: 
@@ -3002,31 +1592,11 @@ index 26c2c2e80..e553ff595 100644 warnings: - general: The package is not available in {{{ full_name }}}. -diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -index 9c6fc297c..7db8e8320 100644 ---- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -+++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -index e64838b15..baaa07631 100644 ---- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -+++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu - - find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; - find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -index 3c2b23136..9a818ccf2 100644 +index 925223e63..7e7e54b98 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml 
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml -@@ -47,7 +47,7 @@ template: +@@ -43,7 +43,7 @@ template: vars: pkgname: rsh-server @@ -3036,12 +1606,12 @@ index 3c2b23136..9a818ccf2 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -index 38024ff19..85dc74a29 100644 +index 8b8cc3406..ccf391f50 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -@@ -56,7 +56,7 @@ template: - pkgname@ubuntu2004: rsh-client +@@ -53,7 +53,7 @@ template: pkgname@ubuntu2204: rsh-client + pkgname@ubuntu2404: rsh-client -{{% if product in ["rhel8", "rhel9"] %}} +{{% if product in ["rhel8", "rhel9", "almalinux9"] %}} @@ -3062,10 +1632,10 @@ index a820ba060..d1b6c8a17 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -index 5e382e97b..4457e5e49 100644 +index 3004f7fda..eaad2959c 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -@@ -38,7 +38,7 @@ template: +@@ -37,7 +37,7 @@ template: vars: pkgname: talk 
@@ -3074,8 +1644,21 @@ index 5e382e97b..4457e5e49 100644 warnings: - general: The package is not available in {{{ full_name }}}. +diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml +index aabc4380f..516bd5d07 100644 +--- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml ++++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml +@@ -45,7 +45,7 @@ warnings: + Consequently, the rngd service can't be started in FIPS mode. + {{% endif %}} + +-{{% if product in ["fedora", "ol9", "ol10", "rhel9", "rhel10"] %}} ++{{% if product in ["fedora", "ol9", "ol10", "rhel9", "almalinux9", "rhel10"] %}} + platform: not runtime_kernel_fips_enabled + warnings: + - general: |- diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml -index a66068605..f25b95045 100644 +index a10c4daa1..bfb3121f4 100644 --- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml +++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -3095,7 +1678,7 @@ index 9e1f01f53..d7d4c2651 100644 #By Luke "Brisk-OH" Brisk #luke.brisk@boeing.com or luke.brisk@gmail.com diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml -index ca07eef0e..9a56d0833 100644 +index 2ea6b4821..e9398b913 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml @@ -1,4 +1,4 @@ 
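Review bot: Adding `almalinux9` to the `{{% if product in ["fedora", "ol9", "ol10", "rhel9", "almalinux9", "rhel10"] %}}` block of `service_rngd_enabled/rule.yml` puts AlmaLinux 9 under `platform: not runtime_kernel_fips_enabled`, so the rule is reported as not applicable rather than failing once the kernel runs in FIPS mode; that matches the neighbouring `rhel9` entry, which is the expected behaviour for a RHEL 9 rebuild. The preceding block, closed by the `{{% endif %}}` at the top of the hunk, also warns that "the rngd service can't be started in FIPS mode", but its condition lies outside the hunk — check whether that product list needs `almalinux9` too, otherwise the warning text and the applicability gate will disagree for this product. The `require_smb_client_signing` and `snmpd_not_default_password` ansible diffs below are only re-indexed, so no further review is needed there.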
@@ -3114,183 +1697,8 @@ index c54b259d0..78a682cc8 100644 {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}} -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh -index cd5171c1b..6301578ba 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - if ! grep -q ssh_keys /etc/group; then - groupadd ssh_keys -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh -index 840370623..c64f052be 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_group="cac_testgroup" - groupadd $test_group -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh -index 4964fe4a1..f5fd88dd3 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = 
multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_group="cac_testgroup" - groupadd $test_group -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh -index 8028e0466..36ebda0b3 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub) - chgrp root "$FAKE_KEY" -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh -index 56c713f3d..505f3adfb 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_group="cac_testgroup" - groupadd $test_group -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh -index 7cffa2c97..9c0f3a28b 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh -@@ -1,4 +1,4 @@ - #!/bin/bash --# platform = 
multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - rm -f /etc/ssh/*.pub -diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh -index b6bef987d..799d5044b 100644 ---- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh -+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_group="cac_testgroup" - groupadd $test_group -diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh -index b36e8a3d7..494455df2 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root "$FAKE_KEY" -diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh -index 30da398eb..4ee3a3c1f 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = 
multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_user="cac_testuser" - useradd $test_user -diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh -index 59f414be3..484da1eec 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_user="cac_testuser" - useradd $test_user -diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh -index adc985a1a..489f65995 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub) - chown root "$FAKE_KEY" -diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh -index 4fa528fe3..bbc3c6147 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_user="cac_testuser" - useradd $test_user 
-diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh -index 16878dc1d..6c3983a9d 100644 ---- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh -+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - test_user="cac_testuser" - useradd $test_user -diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh -index 28325e1f7..d19148a0b 100644 ---- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh -+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root:ssh_keys "$FAKE_KEY" -diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh -index 63e2d8642..8a5a658b5 100644 ---- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh -+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown 
root:ssh_keys "$FAKE_KEY" -diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh -index 48ecfbcac..c5a05db8b 100644 ---- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh -+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root:ssh_keys "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml -index 5a97f74df..104b27f3f 100644 +index ecc0d0386..c89a8a845 100644 --- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml +++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml @@ -1,5 +1,5 @@ 
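Review bot: The `firewalld_sshd_port_enabled/oval/shared.xml` change is dropped from the patch (it appears only on the removed side of this hunk), and it is the change that made AlmaLinux 9 take the `/etc/NetworkManager/system-connections` `.*\.nmconnection` `^zone=(.*)$` path instead of the `{{% else %}}` branch; if the new upstream base does not already list `almalinux9` in those two product lists, the SSH-port-open check on AlmaLinux 9 reads the wrong configuration source and its pass/fail result cannot be trusted. The removed `sshd_rekey_limit`, `sshd_use_approved_*`, `sshd_use_strong_*` and `file_*_sshd_*` test-script platform lines carry the same risk in a milder form — lost test coverage rather than a wrong check. Please verify against the target tree with `git grep -n almalinux9 -- linux_os/guide/services/ssh` before relying on upstream for these. The surviving `disable_host_auth/kubernetes/shared.yml` hunk is only re-indexed, its trailing context line now reading `metadata:` instead of `spec:`.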
@@ -3299,384 +1707,53 @@ index 5a97f74df..104b27f3f 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig - spec: -diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml -index dddb0e0e9..0eac6ed8c 100644 ---- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml -+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml -@@ -53,7 +53,7 @@ - - -- {{% if product in ["fedora", "ol9", "rhel9", "rhel10"] %}} -+ {{% if product in ["fedora", "ol9", "rhel9", "almalinux9", "rhel10"] %}} - /etc/NetworkManager/system-connections - .*\.nmconnection - ^zone=(.*)$ -@@ -83,7 +83,7 @@ - - -- {{% if product in ["fedora", "ol9", "rhel9", "rhel10"] %}} -+ {{% if product in ["fedora", "ol9", "rhel9", "almalinux9", "rhel10"] %}} - /etc/NetworkManager/system-connections - .*\.nmconnection - {{% else %}} -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh -index 9b10c1d19..9d45a7368 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9 - # variables = var_rekey_limit_time=1h - - mkdir -p /etc/ssh/sshd_config.d -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh -index 
6bd150bbc..50057c216 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9 - # variables = var_rekey_limit_size=512M - - mkdir -p /etc/ssh/sshd_config.d -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh -index 59aaab6dc..5a12d9fc2 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9 - - mkdir -p /etc/ssh/sshd_config.d - touch /etc/ssh/sshd_config.d/nothing -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh -index bc254a3a5..7cf6f6145 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - --# platform = multi_platform_fedora,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9 - - SSHD_PARAM="RekeyLimit" - + metadata: 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh -index a31a14f8a..c9d542ec0 100644 +index d2d6b5cdc..42894b47e 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh -@@ -1,4 +1,4 @@ +@@ -1,5 +1,5 @@ + #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp mkdir -p /etc/ssh/sshd_config.d diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh -index 021280218..904930d1a 100644 +index ae9b6ceb6..5159b5dff 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9 +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9, Red Hat Enterprise Linux 10,multi_platform_fedora # profiles = xccdf_org.ssgproject.content_profile_ospp mkdir -p /etc/ssh/sshd_config.d -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh -index e38b6bf60..4658991c3 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - if grep -q "^Ciphers" /etc/ssh/sshd_config; then - sed -i "s/^Ciphers.*/Ciphers aes192-ctr,aes128-ctr/" /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -index 925d9862f..d3146b477 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = 
multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -index a2af968bb..34dc5eae4 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -index b99287bd4..49cfc66c0 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh 
b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -index 0dc5ce52d..2e01aa869 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -index d0fdba3e0..562580591 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -@@ -1,4 +1,4 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -index 46040718a..82010363d 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = 
multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -index 15cf3f7fa..be91dfca7 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh -index edb2553d2..2bfd42c86 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com", '%s %s') }}} -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh 
b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh -index b903a7a08..cd6f95db4 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}} -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh -index e0a7f0ac5..20fbef899 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - if grep -q "^MACs" /etc/ssh/sshd_config; then - sed -i "s/^MACs.*/MACs hmac-sha2-512/" /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh -index ba493f99f..dad0a61e3 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - sed -i 's/^\s*Ciphers\s.*//i' /etc/ssh/sshd_config - echo "Ciphers aes256-ctr" >> /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh -index 27a2e37ac..3e678dccb 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - sed -i 's/^\s*Ciphers\s/# &/i' /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh -index ca08e633a..f90fa48d6 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - sed -i 's/^\s*MACs\s.*//i' /etc/ssh/sshd_config - echo "MACs hmac-sha2-512" >> /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh -index 5a98fc0eb..846cdd444 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh -@@ -1,3 +1,3 @@ --# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml -index 202fc7f44..711cc57c6 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh -index 68a6a1291..740c94e10 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - - {{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}} - -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml -index 891b3e2f9..6cb0bce26 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml -@@ -1,4 +1,4 @@ 
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -index 5c83263bc..91e28ba16 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - - {{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}} -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml -index b38bc41fe..33c5c9034 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh -index 564e32815..02bed6db8 100644 ---- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - - {{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}} - -diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml -index 02cfde93e..1b9644302 100644 ---- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh -index a7e449e52..84da3094e 100644 ---- a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh -index 09e863e4a..ba1f546e9 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 
4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - - -diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -index 00f88e11d..1999d2453 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -@@ -47,7 +47,7 @@ - replace: 'pam_cert_auth = True' - with_items: "{{ sssd_conf_d_files.files }}" - --{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - - name: '{{{ rule_title }}} - Check if system relies on authselect' - ansible.builtin.stat: - path: /usr/bin/authselect -diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -index b896f4f7d..01802032f 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -@@ -13,7 +13,7 @@ umask u=rw,go= - - umask $OLD_UMASK - --{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - if [ -f /usr/bin/authselect ]; then - {{{ bash_enable_authselect_feature('with-smartcard') | indent(4) }}} - else diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml -index 1cadee2e4..dfd1e3568 100644 +index 91916fa1c..bb49ca7ea 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml 
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml -@@ -5,7 +5,7 @@ - - -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} +@@ -9,7 +9,7 @@ + {{% endif %}} +- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} ++ {{% if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} (?i)true + test_ref="test_sssd_enable_smartcards_cert_auth_system_auth"/> + {{% endif %}} +@@ -50,7 +50,7 @@ + ^.*allow_missing_name.*$ - -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} + {{% endif %}} +- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} ++ {{% if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} + comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/system-auth" + id="test_sssd_enable_smartcards_cert_auth_system_auth" version="2"> diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -index e729a6822..d1c910235 100644 +index aed45dc46..2bb781d84 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml @@ -10,7 +10,7 @@ description: |- @@ -3688,176 +1765,116 @@ index e729a6822..d1c910235 100644 Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include "try_cert_auth" or "require_cert_auth" option, like in the following example:
-@@ -58,7 +58,7 @@ ocil: |-
-     If configured properly, output should be
-     
pam_cert_auth = True
- -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - To verify that smart cards are enabled in PAM files, run the following command: -
$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth
- If configured properly, output should be -@@ -73,7 +73,7 @@ fixtext: |- - - pam_cert_auth = True - -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - Enable the with-smartcard feature using the authselect command: - sudo authselect enable-feature with-smartcard - sudo authselect apply-changes -b diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh -index bcaae2a60..557b38fd7 100644 +index 20d721658..2a4422daf 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux # remediation = none SSSD_FILE="/etc/sssd/sssd.conf" diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh -index 5f4aaa725..61c139b34 100644 +index ba800bcea..10d4d2975 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh -index 860e0bb6c..ce5ac4325 100644 +index afd575dd8..a76a1a423 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh -index 7e2019cff..abc286cb3 100644 +index 05ecf8a8a..654864a62 100644 
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/conf.d/unused.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh -index 78b79752a..b49c8942d 100644 +index 9758d9bda..998600da6 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" echo "[pam]" > $SSSD_FILE 
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh -index aaf33d7b0..30144aeae 100644 +index eb58f3dcf..4e4cc0fa0 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh -index b1ed28f39..6cbd85707 100644 +index 262abd276..c6f2babd7 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/conf.d/unused.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh -index 85bb1de67..fb0e3b2df 100644 +index d3fc7375f..2c189f569 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" echo "[pam]" > $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh -index 43e19d382..6c7a50002 100644 +index 456f06484..e6fb4c857 100644 
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,sssd --# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux SSSD_FILE="/etc/sssd/sssd.conf" rm -f $SSSD_FILE -diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml -index 0817b532e..f27acd4e2 100644 ---- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh -index 6a8a81817..2f380920e 100644 ---- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - - {{{ 
bash_instantiate_variables("var_sssd_memcache_timeout") }}} - -diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml -index 89bba2055..dd224425d 100644 ---- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml -+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/oval/shared.xml -@@ -4,7 +4,7 @@ - - -- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - - {{% endif %}} -@@ -25,7 +25,7 @@ - - 1 - -- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}} - diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml -index dfa576a1c..0939f07e9 100644 +index 8acb5361f..ac1e04733 100644 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml @@ -5,7 +5,7 @@ title: 'Configure SSSD to Expire Offline Credentials' @@ -3869,7 +1886,7 @@ index dfa576a1c..0939f07e9 100644 Check if SSSD allows cached authentications with the following command:
      $ sudo grep cache_credentials /etc/sssd/sssd.conf
-@@ -54,7 +54,7 @@ references:
+@@ -51,7 +51,7 @@ references:
  ocil_clause: 'it does not exist or is not configured properly'
  
  ocil: |-
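Review bot: The OVAL change on L140 adds `almalinux9` to the product list that enables `test_sssd_enable_smartcards_cert_auth_system_auth`, so on AlmaLinux 9 the check now requires the authselect-generated `try_cert_auth`/`require_cert_auth` line in /etc/pam.d/system-auth, but this revision of the patch no longer touches the rule's bash/ansible remediations (the `with-smartcard` authselect branch) or its ocil/fixtext hunks. Unless upstream already lists almalinux9 in those `{{% if product in [...] %}}` conditionals, the remediation will take the non-authselect branch and the rule will keep failing after a fix is applied; please confirm that remediation, OCIL and fixtext gate on the same product list as the OVAL. The test headers now use `multi_platform_almalinux` while the OVAL is keyed to `almalinux9` only, which is consistent today but will silently skip the system-auth criterion if another AlmaLinux product is added later; a comment next to the list would help: `<!-- keep this product list in sync with the bash/ansible remediation and rule.yml -->`.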
@@ -3878,158 +1895,46 @@ index dfa576a1c..0939f07e9 100644
      Check if SSSD allows cached authentications with the following command:
      
      $ sudo grep cache_credentials /etc/sssd/sssd.conf
-diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
-index 3da9609d7..06586bd8a 100644
---- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
-+++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- 
- MAIN_CONF="/etc/sssd/conf.d/ospp.conf"
- 
-diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
-index b92e1d3a6..747a90b31 100644
---- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
-+++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
-index f066ef1bd..01254fa6f 100644
---- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
-+++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}}
- 
-diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
-index 331627492..72a361b30 100644
---- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
-+++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
-@@ -1,3 +1,3 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
-diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
-index 9f18591b3..b49d5217a 100644
---- a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
-+++ b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
-index e9c55dfb0..9be805c13 100644
---- a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
-+++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- metadata:
-diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
-index 5ef460be8..8a12559f6 100644
---- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
-+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
- {{% macro usbguard_hid_and_hub_config_source() %}}
- allow with-interface match-all { 03:*:* 09:00:* }
- {{%- endmacro -%}}
-diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
-index cca593262..5ac5c0678 100644
---- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
-+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
-index 88d55f160..f2f336700 100644
---- a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
-+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
-index e0bdca6be..9ce5132f6 100644
+index 780c4d1a5..ccec13d45 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
-+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  systemctl set-default multi-user.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
-index 9ec0cae93..4487412e5 100644
+index fd3c4a48d..c79a3a43f 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
-+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
  
  ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
-index 3df966d45..25eb0ca24 100644
+index 5ffb26956..f1af96866 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
-+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
  
  systemctl set-default graphical.target
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
-index d3da2f113..a90d73d4b 100644
+index 99a85d26d..33cdca2f3 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
-+# platform = Oracle Linux 8,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
  
  ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-index 58d38f9a2..4eea80461 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-index bfa9ddc92..cd29e3739 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("login_banner_text") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
 index c2feb1fbc..116c6cde5 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
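Review bot: The rebased patch drops the `multi_platform_almalinux` additions to the `# platform =` headers of the sssd_run_as_sssd_user, sssd_ssh_known_hosts_timeout, usbguard_generate_policy, banner_etc_issue and banner_etc_motd remediations and of the usbguard kubernetes snippets (removed lines L165–L256 and L309–L355), keeping only the xwindows_runlevel_target test headers. In SSG a bash/ansible remediation is only built into a product's datastream when its `# platform =` header matches that product, so if the upstream revision this patch now targets does not already list `multi_platform_almalinux` on those files, the AlmaLinux 9 profiles will ship these rules — including usbguard_generate_policy and the login-banner rules — with a check but no fix. Please verify against that upstream revision or restore the headers; a build-time check such as `grep -L multi_platform_almalinux linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh` would make such regressions visible. The new xwindows test headers on L267, L280, L293 and L306 look correct and follow upstream's switch from `Oracle Linux 8` to `multi_platform_ol`.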
@@ -4041,1689 +1946,1232 @@ index c2feb1fbc..116c6cde5 100644
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  metadata:
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-index 5735d2035..0ca7771ef 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-index 4d77e8336..4ed727fc5 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_instantiate_variables("motd_banner_text") }}}
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-index 5814a30bd..aa4aa4c5c 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-index 86aff54f9..b295782b0 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
- # reboot = false
- # strategy = unknown
- # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
-index 1b2e46eff..6c22561e3 100644
+index 1dd9f4512..4c8892f4a 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_ncp
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-index a3e7ebc0e..c65609786 100644
+index 6ff96441a..6966391a2 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
-index 4af47e3e0..0fe73b672 100644
+index 9969fcc6f..ac6e95eda 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
-index e1abf408e..ea28b1697 100644
+index c316d7c8f..e942b3ef2 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # profiles = xccdf_org.ssgproject.content_profile_stig
  # packages = dconf,gdm
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-index ad3b44290..562d3b354 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-index 891d516d5..ff2f7b63b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
+index 7c7d4c073..51c6c97a8 100644
+--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
+ # profiles = xccdf_org.ssgproject.content_profile_stig
+ # packages = dconf,gdm
  
- {{%- if "sle" in product or "slmicro" in product or "ubuntu" in product %}}
- {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
-index 2cd897b71..3580aae19 100644
+index 2cd897b71..f6672029b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_correct_options.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  if authselect list-features sssd | grep -q with-silent-lastlog; then
      authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
-index 60ede2a24..9149a89a2 100644
+index 60ede2a24..705f234b6 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  # remediation = none
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
-index 325d5860a..9da59ddad 100644
+index 325d5860a..3bd614b5a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_lastlog.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  if authselect list-features sssd | grep -q with-silent-lastlog; then
      authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-index 003dc0beb..fd02163bd 100644
---- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
-index 28062890d..b04531a5b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- if ! grep -Eq '^\s*session\s+required\s+pam_namespace.so\s*$' '/etc/pam.d/login' ; then
-     echo "session    required     pam_namespace.so" >> "/etc/pam.d/login"
- fi
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
-index 98fab1858..683ccc76d 100644
+index e514c5aae..2e2be1afc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
-index ce36c2d22..014d85397 100644
+index 6cc976f24..fc1e0791c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
-index 98fab1858..683ccc76d 100644
+index e514c5aae..2e2be1afc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
-index ce36c2d22..014d85397 100644
+index 6cc976f24..fc1e0791c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
-index e9ecd879f..74e4c0b09 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
-index 63d03f08d..e0eae4498 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- {{{ bash_pam_faillock_enable() }}}
- {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index 5e75c996c..125502173 100644
+index d805aa018..5f7379c09 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-@@ -1,7 +1,7 @@
- 
+@@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-index e1eb0a970..74c1da0a8 100644
+index e1eb0a970..c0e7f6540 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
-index 95c3a04db..37caefc2f 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
-index 365006509..2a10d041b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+index 98037b3e3..7ca623d6f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
- {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
+ source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+index f56bdbce2..f6f53923c 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ 
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
-index bef6bbcea..f7a2048f0 100644
+index bef6bbcea..60abc9d38 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
-index 111ed3df6..b0029939b 100644
+index 111ed3df6..c9fe11bb0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
-index cc133d939..24e3f36f4 100644
+index cc133d939..c0a9e4b5b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
-index f8e697789..ef0490fe9 100644
+index f8e697789..ff4ad0b16 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
-index 5565977e7..5f66bdeca 100644
+index 5565977e7..2a78d1e58 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
-index e5af75fdc..b884806b9 100644
+index e5af75fdc..b30e83bc7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
-index 7af3472d6..a2fa80708 100644
+index 7af3472d6..1e65e7dbb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
-index f16643985..3727d7077 100644
+index f16643985..3d8397924 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
-index debcc53ca..0bf8c576e 100644
+index debcc53ca..49849baaa 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
-index e4be20de0..a9d7e2ec1 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
-index a55f86dc3..5506f8c40 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- 
- {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
- 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
-index fe238b41b..afb618418 100644
+index dd32200e4..0d1592798 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
-index bc6d5ab7f..5e83891a3 100644
+index c4e304ec1..034f7839f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
-index dd12efbc1..057c54a24 100644
+index 52e4f15c7..112c068ec 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
-index b97a9bfdb..0e75de8f1 100644
+index 1296b6744..860edc03a 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
-index afdbbea49..384845299 100644
+index dfcaa146c..f18bdd223 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
-index e5af75fdc..b884806b9 100644
+index 5f4aa8251..fc8f8a9b4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
-index 6f8fba5a6..f35a79866 100644
+index 24883ef0c..d32d71132 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
-index e25a158f7..d168e2b40 100644
+index 694398e7b..37ca0263c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
-index 253d50de1..4892717b8 100644
+index d9040a495..1536f7f3e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
+index 8fb16daea..6ef0ceafe 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
+index 1ef54f081..42270486d 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
+@@ -1,3 +1,3 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
+index a0ee8ece7..276673756 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
+@@ -1,4 +1,4 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
+index c184a3062..baf8384ca 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
+@@ -1,4 +1,4 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "remember") }}}
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "remember") }}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
+index c08e3b426..0cc45b355 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # reboot = false
+ # strategy = configure
+ # complexity = low
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
+index 9742fb75c..d3154fa77 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
+@@ -1,3 +1,3 @@
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
+index 52724ed73..276c3c6fc 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
+@@ -1,4 +1,4 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
+ {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
+index c07b7d56a..fbee6a5e7 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
+@@ -1,3 +1,3 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ sed -i 's/use_authtok/remember/' /etc/pam.d/system-auth /etc/pam.d/password-auth
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
-index a18fa3d6c..69fae67e2 100644
+index a18fa3d6c..5586d507f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
-index bc6d5ab7f..5e83891a3 100644
+index bc6d5ab7f..a4adc1800 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
-index dd12efbc1..057c54a24 100644
+index dd12efbc1..71756d641 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
-index 8ca16e11a..2e610cad5 100644
+index 8ca16e11a..c88cad464 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_unix_remember=5
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
-index bc3c429f1..79812ad72 100644
+index bc3c429f1..123108b13 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_unix_remember=5
  
  if authselect list-features sssd | grep -q with-pwhistory; then
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
-index 02d30f17a..1a687f0b9 100644
+index 02d30f17a..5fb950d93 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
-index 7f6215029..5756729af 100644
+index 7f6215029..7ece7ec2e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_unix_remember=5
  
  remember_cnt=5
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
-index dc53f50b0..422deb381 100644
+index dc53f50b0..1913a6378 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_unix_remember=5
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
-index e25a158f7..d168e2b40 100644
+index e25a158f7..23b93ca89 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
-index 253d50de1..4892717b8 100644
+index 253d50de1..c1e348428 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
  
  remember_cnt=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
-index 1eab1f8c4..f29521f1b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
-index 021a400c0..09b9d3918 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
- 
- {{{ bash_pam_faillock_enable() }}}
- {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index d805aa018..e4b5b6570 100644
+index 2ba38d0ad..bdd471cdc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-index e1eb0a970..74c1da0a8 100644
+index bcfa1a721..2cb77dd13 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  source common.sh
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
-index c35696fee..f9615fcef 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- source common.sh
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
-index 5bbbc464e..15a644bba 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-index b3232cc93..97b5d1069 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-index 24f5731f6..875972eb2 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-index aa3ca061d..64992df97 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-index 67c1b593b..74bb77abe 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-index e770e300f..ae701fdab 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index fd57152b8..664e42beb 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index efb57601c..bac7a6401 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-index e3ec96da0..56c6b75f3 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index 595b85192..f547b7431 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
-index 2a6868f38..70448df97 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
-index 09d8aeee0..72b3aeacb 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- 
- {{{ bash_pam_faillock_enable() }}}
- {{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
-index b3232cc93..97b5d1069 100644
+index eef841ce5..021894a32 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
-index d39d1ae31..2fe9bfaa2 100644
+index aa36b3be2..d116e45b7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
  pam_files=("password-auth" "system-auth")
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
-index 476c4e77e..387e5d90a 100644
+index 1d4f1f91f..acaf1f6f3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8
  # remediation = none
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 87bca6919..c59070dd3 100644
+index 8128a072f..c28980e01 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8
  
  authselect select sssd --force
  authselect enable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index 7c702d669..652c29b25 100644
+index ffdc55852..cf0858efd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
+-# platform = multi_platform_fedora,Oracle Linux 9,Oracle Linux 8,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 9,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
  # remediation = none
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
-index 679e47bcc..f345e12ae 100644
+index 679e47bcc..48ecf5894 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
-index 6bb763cf5..cd6900bb5 100644
+index 6bb763cf5..04951e53c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
+index cd4c3ac61..5e84dd5ef 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
+index 3953a7567..238686e4f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
+index 303cf124f..5808d914f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
-index 2f08a7d47..86f0bb1d8 100644
+index 2f08a7d47..c30378c84 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
 -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
+index 45724e5e1..a424078c6 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
-index fd8e44443..d30a92fd8 100644
+index 9ec4d6697..9f3b476f2 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
-index e9c09b713..ffbbb68cd 100644
+index e9c09b713..d8a5cce80 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
 @@ -1,4 +1,4 @@
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("local_users_only", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
-index 856bd56ea..9f76150c3 100644
+index 856bd56ea..c1697c330 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8
  
  authselect select sssd --force
  authselect disable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 075791de6..899751de9 100644
+index 075791de6..611b4b568 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8
  
  authselect select sssd --force
  authselect enable-feature with-faillock
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index 978cccce6..a3e8b3365 100644
+index 978cccce6..4df1f8200 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8
  # remediation = none
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
-index 053f91100..f294bc5a0 100644
+index 053f91100..303230d97 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8
  # remediation = none
  
  # This test scenario manually modify the pam_faillock.so entries in auth section from
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-index b3232cc93..97b5d1069 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-index 9a553893c..e8f966aa5 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-index 0b67e0e02..2f33f8a90 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-index 9d4320fbb..4cf206854 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 82bf9fa75..758999d53 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 74236e2fb..75bd18da8 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index ef2461160..783bf6cdb 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-index 30e044729..bb60fb3ed 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index c71a12afe..93a3aee74 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
-index fdd0c4c06..e65906af5 100644
+index fdd0c4c06..3935c3eb3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
-index ebabc6518..b02f953cc 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- source common.sh
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
-index a10547339..c01c35a48 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
-index f73c751f5..812b6ba1b 100644
+index f73c751f5..67f87b046 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
-index 514b2bb37..52f16f216 100644
+index 514b2bb37..287b2bd47 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
  
  source common.sh
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-index b3232cc93..97b5d1069 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
+index e82ecb7f5..7386d3217 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
- # remediation = none
+-# platform = multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-index d547b0e35..8882d876b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-index 057348eb4..0345fd442 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-index bfcc7d4a4..da0f4a90e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 1840cae45..7f2b5cddf 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 838ab7c53..527dec679 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index b7b1532bb..7f9bb22e6 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-index eff1bd32c..f6307511b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index a57645eb1..641d38610 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
-index 06f7962fd..dc6eea20d 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-index a55859203..377efc82e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-@@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
+ # Package libpwquality cannot be uninstalled normally
+ # as it would cause removal of sudo package which is
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
-index 81d2955d3..ac3aae234 100644
+index 81d2955d3..91f44dfc9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
-index 4bb7a4872..c878fd41e 100644
+index 4bb7a4872..5040a42e4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
-index 32ce46407..53719b5d8 100644
+index 32ce46407..76a1e7412 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
-index 0f9b75cec..dc9f9b1af 100644
+index 0f9b75cec..644396bc1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/password-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
-index 61c28f2d6..1bbd85df1 100644
+index 61c28f2d6..721b5b349 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
-index 90484d66f..81664de52 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-index 4ea10f4c4..6c1de4e4c 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-@@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- {{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
-index f68622be4..6b3eb34dd 100644
+index f68622be4..34c533ad4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
-index 0de6065a2..8565473b6 100644
+index 0de6065a2..3117aba3e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
-index 03a4ef295..3c65f0c19 100644
+index 03a4ef295..85bc0e565 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
-index ae0ed105d..e1e6ce6bf 100644
+index ae0ed105d..e81f931b7 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  # remediation = none
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
-index 60ebfdeba..b53e75109 100644
+index 60ebfdeba..0cfa2b06e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
  
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
-index 25a0da980..bf2a98da4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
-index 03723cd8c..1df4f1d61 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # variables = var_password_pam_retry=3
- 
- source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-index 19cac93f4..95a79c236 100644
+index a151577a5..2f21c2359 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_password_pam_retry=3
+ 
+ source common.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
+index 36ddc1d94..8ec3d927a 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-index ae605f717..0e5676805 100644
+index d65976fa1..65914eaef 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
-index ce7f4b7a3..9c8b93a75 100644
+index 39f98ec3f..06837bd37 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
+ # variables = var_password_pam_retry=3
+ 
+ source common.sh
+diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
+index d2a2dc2d0..026cc0501 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
-index 962112d6a..7703ed3f7 100644
+index 2bd6c06a5..97a5f3e66 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-index ea2eb57fe..31e80535f 100644
+index 459ae7843..86e7dec6d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
-index 662c3641e..4baf0adaa 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
-index f6b461789..fb6d88e37 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- 
- {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
- LIBUSER_CONF="/etc/libuser.conf"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-index e0b6d68db..5ec6c69bb 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
-index 9fffb6188..bd6f532b7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-index 3b4602f2c..89cf6b6c5 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
- 
- {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
- PAM_FILE_PATH="/etc/pam.d/password-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
-index abcdf02f5..92f3207b6 100644
+index ee1213c2d..c2aca7ae1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
-index 1572f0d9b..d82a5e5b4 100644
+index 8d6be38f4..ce2bcce19 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
-index 463b78e55..dbf8199ff 100644
+index 13f217f02..efb422075 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
-index a36ff143d..2166ffb56 100644
+index 5632949e2..fbfe8a0a4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
-index b874f33d6..2d3026148 100644
+index 7f6ff9a97..581c81c47 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
-index 98aff168e..1dd6d2b09 100644
+index 10a02eb86..77029c277 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
-index a665b3b10..97a1c5f7a 100644
+index 264df72f1..725cd27ab 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
-index c498e86dd..ccff0390d 100644
+index c5e65c44e..8d606b5ea 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
-index 3653f7912..b43f3d5e1 100644
+index c61e9828d..652f95adb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
-index 11ed319f1..277fcce64 100644
+index 6499ed205..c94da4ca0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
-index e41950217..f8b461a78 100644
+index 6b5b5767a..01fafdbb9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
-index d0413404b..c757d1758 100644
+index a1a9ec1ec..c273c78f4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
@@ -5750,125 +3198,114 @@ index 517c83c6e..041e9a29c 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
-index f8c47e96a..d0aaabaf7 100644
+index ed94337e6..318ed9da3 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
  
  systemctl disable --now ctrl-alt-del.target
  systemctl mask --now ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
-index 41eed9737..992dc2304 100644
+index 3e37419e8..029e44c9d 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
 @@ -1,4 +1,4 @@
  #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
  
  systemctl unmask ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index 1517b25f8..fd2c49137 100644
+index c0bbf0e00..2ef6928f5 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-@@ -50,7 +50,7 @@ ocil: |-
+@@ -48,7 +48,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service
The output should be similar to the following, and the line must begin with
-- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
+- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
++ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "slmicro5"] -%}}
 ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}}
-@@ -78,7 +78,7 @@ fixtext: |-
+@@ -76,7 +76,7 @@ fixtext: |-
 Configure {{{ full_name }}} to require authentication for system emergency mode.
 Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
-- {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+ {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
+- {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
++ {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "slmicro5"] -%}}
 ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
 {{%- else -%}}
 ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
-index bce932b72..dda999a74 100644
+index bce932b72..65189b3b9 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
 @@ -1,5 +1,5 @@
 #!/bin/bash
 -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora
 service_file="/usr/lib/systemd/system/emergency.service"
 sulogin="/usr/lib/systemd/systemd-sulogin-shell"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
-index 73d2f3ad0..d5c7db6ab 100644
+index 31c41fba2..c1729abbc 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
 @@ -1,5 +1,5 @@
 #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 rm -f /etc/systemd/system/emergency.service
 mkdir -p /etc/systemd/system/emergency.service.d/
 cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-index d9fdc678f..a4f6ea6a9 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- service_file="/usr/lib/systemd/system/emergency.service"
- sulogin="/bin/bash"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
-index 4545cf49f..520cd2af5 100644
+index 8fb2960e0..57568d8cb 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
 @@ -1,5 +1,5 @@
 #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
 rm -f /etc/systemd/system/emergency.service
 mkdir -p /etc/systemd/system/emergency.service.d/
 cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
-index 3cf97a457..7f9b4043f 100644
+index c15034231..01fbc0695 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux rm -rf /etc/systemd/system/rescue.service.d mkdir -p /etc/systemd/system/rescue.service.d cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf -diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh -index 0bb3ce9ff..d9865e063 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh +diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh +index f735f3270..027fbbe3d 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_fedora,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux - rm -rf /etc/systemd/system/rescue.service.d - mkdir -p /etc/systemd/system/rescue.service.d - cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf -diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh -index 63b9b08b5..15abe6cec 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol + + service_file="/usr/lib/systemd/system/rescue.service" + sulogin="/usr/lib/systemd/systemd-sulogin-shell" +diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh +index 01701eefb..a3b846c14 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - service_file="/usr/lib/systemd/system/rescue.service" - sulogin="/bin/bash" + rm -rf /etc/systemd/system/rescue.service.d + mkdir -p /etc/systemd/system/rescue.service.d 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml index 75395cf61..1dcee69f3 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml @@ -5890,7 +3327,7 @@ index f47326940..42d591752 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml -index dc63eb653..dc6931307 100644 +index 6eb24c8ef..718f8cb2e 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml @@ -1,4 +1,4 @@ 
@@ -5965,18 +3402,8 @@ index 6b2d6cd5e..c20712c9f 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml -index 1a9d35f69..9a5753d98 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml -index 08b89bf8f..cea27ab4d 100644 +index 2cbb501f6..27700c4b4 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -5986,129 +3413,16 @@ index 08b89bf8f..cea27ab4d 100644 # strategy = restrict # complexity = low 
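Review bot: The rebased patch silently stops adding `multi_platform_almalinux` to `force_opensc_card_drivers/ansible/shared.yml` in this hunk, and the following hunk (`@@ -5986,129 +3413,16 @@`) likewise drops the platform-line additions for `smartcard_configure_cert_checking/tests/correct.pass.sh` and `missing_ocsp.fail.sh`, `account_disable_post_pw_expiration` (ansible and bash), `accounts_authorized_local_users/tests/default.pass.sh`, `accounts_maximum_age_login_defs`, `accounts_minimum_age_login_defs`, `accounts_password_minlen_login_defs` (ansible and bash) and `accounts_password_set_max_life_existing` (ansible and bash). If the new upstream base already lists AlmaLinux in those `# platform =` lines this is correct, but nothing visible here confirms that; as far as I know a missing platform entry just excludes the remediation or test from the AlmaLinux 9 build rather than failing it, so a regression in remediation coverage for those rules would go unnoticed. A one-line comment at the top of the patch file, e.g. `# Hunks dropped on rebase to <upstream-ref>: already carry multi_platform_almalinux upstream`, with a placeholder for the actual ref, would make the intent verifiable on the next rebase. The enclosing outer hunk set continues past the end of this view.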
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh -index c2afecc19..652fbedb7 100644 +index 8d59d36d3..526165afe 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_ubuntu,multi_platform_rhel +# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux - # packages = openssl-pkcs11 + # packages = openssl-pkcs11,libpam-pkcs11 if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh -index d7103cc0a..68c252f78 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = openssl-pkcs11 - - if [ ! 
-f /etc/pam_pkcs11/pam_pkcs11.conf ]; then -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh -index c0cc3c94f..6db041b04 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = openssl-pkcs11 - - if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml -index 84f13bfea..709b9e923 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git 
a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh -index 77aa71dd9..b3bfff528 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro - - {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}} - -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh -index aa147fdce..bb8288f5b 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh -@@ -1,5 +1,5 @@ - #! 
/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$ - - var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$" -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml -index c4c2f7ba0..e03ccee7a 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian - # reboot = false - # strategy = restrict - # complexity = low -diff --git 
a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml -index 6e22e90d7..bfd7508ad 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml -index b04d7cdb8..0d5a5831e 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh 
b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh -index dcc5de3f1..268aafbab 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - - {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}} - {{{ bash_replace_or_append('/etc/login.defs', '^PASS_MIN_LEN', "$var_accounts_password_minlen_login_defs", '%s %s') }}} -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml -index 18974ea6c..d72de8a97 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ol - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh 
b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh -index 7d6bc11f9..0a8561b81 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = restrict - # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml index ebcb5ac04..674369a42 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml 
@@ -6129,284 +3443,214 @@ index 7bdb759f6..dd157f1e3 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml -index 4994ff315..e8469b8e9 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml -index 82110016d..2a73ed386 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low -diff 
--git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh -index 7374c21e8..0a9f303d4 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian - - {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh -index 3e24ba16a..1770f4b7e 100644 +index ac786351d..105da781f 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 authselect create-profile hardening -b sssd diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh -index 39690d88d..914ee7d84 100644 +index f65671afe..4e6949a82 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=65536 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh -index eabb4af89..966a5b6e8 100644 +index 0c026fce2..40ff8c5aa 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_default_rounds.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=5000 authselect create-profile hardening -b sssd diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh -index 9c99fc307..7db9d4a78 100644 +index fefaf2f5a..8389f6b09 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # remediation = none # variables = var_password_pam_unix_rounds=65536 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh -index dc8b11e2d..b44396f63 100644 +index 6638d849a..28d9dffee 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=65536 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh -index 96bcc3e23..ce746e89b 100644 +index 91da77a25..adfc415f3 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=4000 -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml -index c0b520bdf..70ab14cba 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh -index 8316e495a..bf8a4c240 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh -+++ 
b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - - {{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}} - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh -index 3da866412..4347773a9 100644 +index 1a1cf9ad7..3f5725a4a 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 authselect create-profile hardening -b sssd 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh -index 67a052f98..2ea2aafe5 100644 +index 1acecb5ba..6fd0a2db7 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=65536 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh -index 1bbd39228..369c32ae3 100644 +index 539b033f7..e1ca3468e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_default_rounds.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=5000 authselect create-profile hardening -b sssd diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh -index 3e62935b5..ea66520cd 100644 +index 3f0dac513..10af6ae8c 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # remediation = none # variables = var_password_pam_unix_rounds=65536 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh -index 85bbbdb7f..814f4e016 100644 +index 8a39a24a4..f32bacf9e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=65536 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh -index 244799045..7f57ec0e1 100644 +index dc454dff4..ee67c2bdf 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = var_password_pam_unix_rounds=65536 ROUNDS=4000 -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml -index 117a42585..b41d01a89 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -index 889998309..05177f1a1 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml -index ad3133b1f..eac1b843a 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml -@@ -1,5 +1,5 @@ - --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfig - spec: diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh -index 1dd45236b..48b3c6c8c 100644 +index db6c94724..57535bb74 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora # remediation = none SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh -index 0dfb32e31..04a7b6271 100644 +index c05d6d2c2..5b132cfb6 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect --# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
-index 9dc5d7677..f00e9272d 100644
+index c8ab00326..a6a41bb08 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
+index 5e2919e78..c22311899 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # remediation = none
+
+ useradd --gid 0 root2
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
-index 888cc054f..2b7d571ad 100644
+index 8469f530b..83ecdd81a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_fedora
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
-index 7bbfd7675..3d438fe7a 100644
+index ab0e591f1..605e5d2b0 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_fedora
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_fedora
{{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
@@ -6421,108 +3665,28 @@ index 8f87bf06e..6bed5ef5a 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml -index 5f9c92aac..119219eb0 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml -index 10a747ef2..5a819abfc 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml 
-index e7f5c730c..8f06c6cfa 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -index bd1ba1ccb..d139fdda4 100644 ---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - - # uncomment the option if commented - sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml -index e236b1ec2..d84d7345f 100644 +index 6d79f4e9d..b57b787a8 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh -index d16374ffd..1ae066fd9 100644 +index 35df572f9..548a5aee6 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}} PAM_CONF=/etc/pam.d/su -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml -index 315b2efec..657d0c4e6 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5 -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5 - # disruption = low - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh -index 305f8fea8..e9470bfa1 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5 -+# platform = Red Hat Virtualization 
4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5 - - {{{ bash_instantiate_variables("var_accounts_fail_delay") }}} - -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml -index 88758d295..f0c54f4c3 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh -index 3415b164a..97ac5e4d9 100644 ---- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro - - {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}} - 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml -index d3798de62..19761e09d 100644 +index 4d08bb696..febed69bb 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -6532,7 +3696,7 @@ index d3798de62..19761e09d 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml -index da628bc5e..90f23cb90 100644 +index 12a861bb1..d16d24b51 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml @@ -1,4 +1,4 @@ 
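Review bot: The hunk removes the patch's own `multi_platform_almalinux` additions to the `# platform =` headers of restrict_serial_port_logins, securetty_root_login_console_only and use_pam_wheel_for_su (ansible), use_pam_wheel_for_su (bash), and accounts_logon_fail_delay and accounts_max_concurrent_login_sessions (ansible and bash), while keeping the same addition for use_pam_wheel_group_for_su. Unless the rebased upstream tree already lists `multi_platform_almalinux` in those headers, the bash and Ansible remediations for these rules are silently excluded from the AlmaLinux 9 content — the build does not fail, the rules simply ship without a fix — so this should be confirmed against the new base before merging, for example with `grep -L multi_platform_almalinux` over the dropped paths. A short statement in the patch description of why these entries were dropped (already present upstream versus intentionally omitted) would make that check reproducible next time the patch is rebased. The hunk is cut from a much larger patch, so the rest of each affected section lies outside it.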
@@ -6541,280 +3705,126 @@ index da628bc5e..90f23cb90 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml -index 5bfb963a1..77807dbfb 100644 ---- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml +diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh +index ceac5e3ff..6b9ed3049 100644 +--- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh ++++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh -index 0f681a6db..846b47fee 100644 ---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu - - {{{ bash_instantiate_variables("var_accounts_user_umask") }}} - -diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml -index fb91eab05..02b78a6ab 100644 ---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4 -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh -index ec59ac915..3e5470b1e 100644 ---- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh -+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh -index ec75bf6d2..eb2aa2ea1 100644 ---- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh -+++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac -diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh -index a545d9791..383a6ee76 100644 ---- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh -+++ 
b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - touch /etc/pam.d/{password,system}-auth-{mycustomconfig,ac} -diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh -index 82fb5d543..2dbee752d 100644 ---- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh -+++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac diff --git a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml -index 183e2f402..22500236d 100644 +index 7f399477a..63690c599 100644 --- a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml +++ b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora,multi_platform_ol +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh -index 31c46debf..9b4e3abe2 100644 +index 91f429a34..9503b90c2 100644 --- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh 
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_almalinux # packages = authselect,pam # remediation = none -diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh -index ac68df9e0..f589bfb44 100644 ---- a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh -+++ b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # packages = authselect,pam - - authselect select minimal --force diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh -index 3bd07c62e..e328ca74c 100644 +index 15a64d147..900993d72 100644 --- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh 
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_almalinux # packages = authselect,pam rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth} diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh -index 00942724d..f68845394 100644 +index 00942724d..9d7168c74 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh +++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # Based on shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh -# platform = Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Breaks argument in kernel command line in /boot/loader/entries/*.conf +diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh +index 663a3282c..ffb3e4969 100644 +--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh ++++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh +@@ -1,7 +1,7 @@ + #!/bin/bash + + # remediation = none +-# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,multi_platform_ubuntu,multi_platform_sle,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9, Red Hat Enterprise Linux 10,multi_platform_ubuntu,multi_platform_sle,multi_platform_fedora + + . $SHARED/grub2.sh + diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh -index 50cf1b78f..cc8c2577d 100644 +index 50cf1b78f..84a0e9194 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Make sure boot loader entries contain init_on_alloc=1 for file in /boot/loader/entries/*.conf diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh -index 7c0d91547..0490eed84 100644 +index 7c0d91547..bff710e05 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Make sure boot loader entries contain init_on_alloc=1 for file in /boot/loader/entries/*.conf diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh -index 9d330c919..bac0815e1 100644 +index 9d330c919..96a4dcc74 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh +++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Remove init_on_alloc=1 from all boot entries sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/* diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml -index 5585e0eaf..ec0a8704d 100644 +index b36aca3cf..4991691ef 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml +++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml @@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # reboot = true # strategy = configure # complexity = medium diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh -index 0d90d58db..de4f6c4c6 100644 +index 0d90d58db..32887fa37 100644 --- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh +++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh 
@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --remove-args="systemd.debug-shell" -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh -index 8fa32223f..89e411a7f 100644 ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - if ! 
grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then - mkdir -p /etc/rsyslog.d -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml -index 4e321fecb..2818c4ca1 100644 ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh -index 3933f28b4..d71a075f1 100644 ---- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh -+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = configure - # complexity = low -diff --git 
a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml -index 7eafd360b..a06fdb838 100644 ---- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml -+++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml -@@ -32,7 +32,7 @@ ocil: |- - Storing logs with compression can help avoid filling the system disk. - Run the following command to verify that journald is compressing logs. -
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "rhel9", "almalinux9", "sle15"] %}}
-     grep "^\sCompress" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sCompress" /etc/systemd/journald.conf
-@@ -43,7 +43,7 @@ ocil: |-
-     Compress=yes
-     
- --{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}} -+{{%- if product in ["fedora", "rhel8", "rhel9", "almalinux9", "sle15"] %}} - template: - name: systemd_dropin_configuration - vars: -diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml -index e0fab4b24..5198f578b 100644 ---- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml -+++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml -@@ -31,7 +31,7 @@ ocil: |- - Storing logs remotely protects the integrity of the data from local attacks. - Run the following command to verify that journald is forwarding logs to a remote host. -
--{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["rhel8", "rhel9", "almalinux9", "sle15"] %}}
-     grep "^\sForwardToSyslog" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sForwardToSyslog" /etc/systemd/journald.conf
-@@ -42,7 +42,7 @@ ocil: |-
-     ForwardToSyslog=yes
-     
- --{{%- if product in ["rhel8", "rhel9", "sle15"] %}} -+{{%- if product in ["rhel8", "rhel9", "almalinux9", "sle15"] %}} - template: - name: systemd_dropin_configuration - vars: -diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml -index d13ef07c9..5a634b601 100644 ---- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml -+++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml -@@ -31,7 +31,7 @@ ocil: |- - Storing logs with persistent storage ensures they are available after a reboot or system crash. - Run the command below to verify that logs are being persistently stored to disk. -
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "rhel9", "almalinux9", "sle15"] %}}
-     grep "^\sStorage" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sStorage" /etc/systemd/journald.conf
-@@ -42,7 +42,7 @@ ocil: |-
-     Storage=persistent
-     
- --{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}} -+{{%- if product in ["fedora", "rhel8", "rhel9", "almalinux9", "sle15"] %}} - template: - name: systemd_dropin_configuration - vars: diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml index 892523fc4..9fbba1ccb 100644 --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml @@ -6827,60 +3837,29 @@ index 892523fc4..9fbba1ccb 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml -index 19a4028a0..b73cc246d 100644 +index 907b69cc3..b89c0221d 100644 --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml +++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml 
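Review bot: The three new enable_authselect hunks (ansible/shared.yml, tests/not_remediable.fail.sh, tests/remediable.fail.sh) append `AlmaLinux OS 9` to platform lists whose upstream side already carries `multi_platform_almalinux`; if that alias resolves to the almalinux9 product, as the umask/authconfig/rsyslog hunks dropped in this revision presumably assume, these three hunks are redundant and should be dropped as well, or the patch header should say why the explicit name is still needed. The `AlmaLinux OS 9` spelling introduced here (and in the zipl, grub2_ipv6_disable_argument and rp_filter test hunks later in this diff) has to equal the product's full name exactly, because a `# platform =` entry that matches no product is simply filtered out and the test or remediation silently stops applying to AlmaLinux; products/almalinux9/product.yml is not part of this diff, so confirm the name there. Separately, the removed journald_compress/journald_forward_to_syslog/journald_storage hunks edited `{{%- if product in [...] %}}` lists, which hold product ids rather than platform aliases and are therefore not covered by `multi_platform_almalinux`; unless upstream now lists `almalinux9` in those lists, the OCIL text and the template selection fall to the `else` branch that only greps `/etc/systemd/journald.conf` without the drop-in directory.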
@@ -11,7 +11,7 @@ test_ref="test_logrotate_conf_no_other_keyword" /> --{{% if product in ["rhcos4", "rhel9", "sle12", "sle15","ol9"] %}} -+{{% if product in ["rhcos4", "rhel9", "almalinux9", "sle12", "sle15","ol9"] %}} - +-{{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "sle12", "sle15", "slmicro5"] %}} ++{{% if product in ["ol9", "rhcos4", "rhel9", "almalinux9", "rhel10", "sle12", "sle15", "slmicro5"] %}} + {{% endif %}} -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml -index f42709ef5..8b35da68b 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh -index f2019bb9a..a12ceb5c1 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu +@@ -54,7 +54,7 @@ + 1 + - {{{ 
bash_instantiate_variables("rsyslog_remote_loghost_address") }}} - -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml -index d6e2b2564..323d3ffaa 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low -diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh -index ee1cbf7ea..eb4e5adc4 100644 ---- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh -+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = configure - # complexity = low +- {{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "sle12", "sle15", "slmicro5"] %}} ++ {{% if product in ["ol9", "rhcos4", "rhel9", "almalinux9", "rhel10", "sle12", "sle15", "slmicro5"] %}} + 
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh -index 51b6c4fb6..679e35435 100644 +index 18d73bb72..231c48285 100644 --- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh +++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh @@ -1,5 +1,5 @@ 
@@ -6901,16 +3880,39 @@ index b2a8e350c..e97d0f4a5 100644 # check-import = stdout result=$XCCDF_RESULT_PASS -diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh -index d787fbbbf..d209806d8 100644 ---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh -+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh +index cfb1cd690..a89ef4dcc 100644 +--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh ++++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos - # enable randomness in ipv6 address generation - for interface in /etc/sysconfig/network-scripts/ifcfg-* + mkdir -p "/etc" + filepath="/etc/os-release" +diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh +index 52c2500cb..702369f66 100644 +--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh ++++ 
b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos + + mkdir -p "/etc" + filepath="/etc/os-release" +diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh +index 207bfac32..f5e12fe63 100644 +--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh ++++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos + + mkdir -p "/etc" + filepath="/etc/os-release" diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml index 87306fedb..88e2884bc 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml @@ -6978,37 +3980,27 @@ index e2951d845..0335df123 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh -index fc649d74c..2fa1114da 100644 +index fc649d74c..93dffbb34 100644 
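Review bot: The three package_iptables_installed test hunks (rhel8.fail.sh, rhel9.2.notapplicable.sh, rhel9.notapplicable.sh) extend the platform to `multi_platform_almalinux`, but each scenario starts by fabricating `/etc/os-release` (`filepath="/etc/os-release"` is visible; the contents written to it are outside the hunk). Whether the fabricated ID/VERSION values and the expected fail or notapplicable outcome carry over to an AlmaLinux product build is not visible here; if the rule's applicability check is keyed on RHEL identifiers, `rhel9.notapplicable.sh` may evaluate differently on almalinux9. Confirm with a test-suite run against the almalinux9 product, or keep the original platform set if these scenarios are RHEL-specific.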
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Removes ipv6.disable argument from kernel command line in //boot/loader/entries/*.conf diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh -index 3c1cde1dc..a57a1eae5 100644 +index 3c1cde1dc..baad7f86f 100644 --- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh +++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9 # Break the ipv6.disable argument in kernel command line in /boot/loader/entries/*.conf -diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh -index 2bd1bdbca..63ab3fe59 100644 ---- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh -+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - # Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC - # services for NFSv4 from attempting to start IPv6 network listeners diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml index 6bb6de134..1f0664a02 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml 
@@ -7053,25 +4045,14 @@ index c64da37a3..08535e5a1 100644
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
-index 583b70a3b..d9bca3de6 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
+diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/ol_value_2.fail.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/ol_value_2.fail.sh
+index 12a388565..6f16f3487 100644
+--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/ol_value_2.fail.sh
++++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/ol_value_2.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
-
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-index ef545976d..bf1ccb250 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Oracle Linux 9,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
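Review bot: The new side of this hunk adds `AlmaLinux OS 9` only to `ol_value_2.fail.sh`, while the old side's additions of `multi_platform_almalinux` to `value_1.pass.sh` and `value_2.pass.sh` are dropped, so nothing in the hunk lists the new product for the passing case of `net.ipv4.conf.all.rp_filter` (the strict value 1). Unless upstream's `value_1.pass.sh` already reaches AlmaLinux through `multi_platform_almalinux` in a way not visible here, the rule would be exercised on that product only by its failing test; worth confirming against the current upstream test files before merging. Grouping `AlmaLinux OS 9` with `Oracle Linux 9` and `Red Hat Enterprise Linux 9` in the fail test does look consistent, since the derivative presumably shares the RHEL 9 expected value.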
@@ -7207,236 +4188,213 @@ index 89d344c4f..1a926adaa 100644
# check-import = stdout
tbl_output=$(nft list tables | grep inet)
-diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
-index 57cc29270..4b1b2805e 100644
---- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
-+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
+diff --git a/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh b/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
+index 2dc3f4431..f1f353370 100644
+--- a/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
++++ b/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ # packages = polkit
+-# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10
++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9, Red Hat Enterprise Linux 10
+ # This TS is a regression test for https://issues.redhat.com/browse/RHEL-87606
+ dnf remove -y --noautoremove polkit-pkla-compat
+diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
+index 0eee598bf..c3aa51320 100644
+--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # check-import = stdout
- rm -f /etc/modprobe.d/dccp-blacklist.conf
- echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
-diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-index 0f2d15979..27572472b 100644
---- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+ {{{ find_directories(find_parameters="\( -perm -0002 -a ! -perm -1000 \)", fail_message="Found directories with writable sticky bits") }}}
+diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
+index facc0ad8d..f19540f78 100644
+--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # check-import = stdout
- source common.sh
-diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
-index 469db24e9..671a4d019 100644
---- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
-+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
+ {{{ find_directories(find_parameters="-perm -0002 -uid +"~uid_min, fail_message="Found world-writable directories that are not owned by a system account") }}}
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
+index a6fb2064a..4d8f7030f 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-perm -2000", fail_message="Found SGID executables that are unauthorized", skip_rpm_owned_files=True) }}}
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
+index d7bb76269..08156544b 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-perm -4000", fail_message="Found SUID executables that are unauthorized", skip_rpm_owned_files=True) }}}
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
+index bca90c8ba..4ed275284 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-perm -002", fail_message="Found world-writable files") }}}
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
+index c6b866ea6..392196483 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+
+ find / -xdev -type f -perm -002 -exec chmod o-w {} \;
+
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
+index 02e5cd08e..104d1371a 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-nogroup", fail_message="Found ungroupowned files", exclude_directories="sysroot") }}}
+diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
+index 44f6c84dd..b37b68810 100644
+--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
++++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # remediation = none
+
+ mount tmpfs /tmp -t tmpfs
+diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
+index 12f46c0b1..cf3e7428c 100644
+--- a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-nogroup", fail_message="Found ungroupowned files or directories", exclude_directories="sysroot") }}}
+diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
+index ef64cf6aa..2e5220217 100644
+--- a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
++++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # remediation = none
+
+ touch /tmp/test
+diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
+index 5c2dda5f9..68877027e 100644
+--- a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-nouser", fail_message="Found unowned files or directories") }}}
+diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
+index c1d6cd0fb..78faa5993 100644
+--- a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
++++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # remediation = none
+
+ touch /tmp/test
+diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
+index 982caa000..5fcb2cf41 100644
+--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
++++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # check-import = stdout
+
+ {{{ find_files(find_parameters="-nouser", fail_message="Found unowned files") }}}
+diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
+index c1b6d3e79..8109c5d55 100644
+--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
++++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # remediation = none
+
+ mount tmpfs /tmp -t tmpfs
+diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
+index 29ec8f733..1e3d5130e 100644
+--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
++++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
-
- source common.sh
-
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-index 33caa81c9..df5b4eacb 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# reboot = false
# strategy = restrict
# complexity = low
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-index e488cceeb..f36b06f69 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
+diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
+index 83c283c8c..188870908 100644
+--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
++++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- df --local -P | awk '{if (NR!=1) print $6}' \
- | xargs -I '$6' find '$6' -xdev -type d \
- \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-index d2b47d989..9f25146b9 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- find "$dirPath" -type d -exec chown root '{}' \;
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index 542184ae8..9cdfbf737 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- groupadd nogroup
- DIRS="/lib /lib64"
- for dirPath in $DIRS; do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-index 5f8dcd2eb..7980d87b5 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \;
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-index c3cd0944b..3c41df40c 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64 /usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- chmod -R 755 "$dirPath"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-index 90ae74be6..243a8e16e 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/lib /lib64"
- for dirPath in $DIRS; do
- mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-index ebaf9b766..858020d51 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
- DIRS="/usr/lib /usr/lib64"
- for dirPath in $DIRS; do
- mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-index 8e9fc7b8b..7ce862d34 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-index 8ecb16700..bad3166e1 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_fedora
++# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
- do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-index bfa87de9e..8e2e64479 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-index c01f262cb..2f899a4ae 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- find /bin/ \
- /usr/bin/ \
- /usr/local/bin/ \
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-index 9c3fa6fe9..78ab97152 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
-
- for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
- do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-index 02867684c..8b274eded 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
-
- useradd user_test
- for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-index 81d8a339e..70345d4e7 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
-
- useradd user_test
-
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-index 3382568ce..b4f4bd0a0 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
-
- useradd user_test
-
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-index ab6d35c79..f37c06f86 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-index 6eef84def..984fb7f55 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec"
- for dirPath in $DIRS; do
- find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
+ # Create /etc/security/opasswd if needed
+ # Owner group mode root.root 0600
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-index 5356d3742..a85c88001 100644
+index 64c5cc680..8c4537502 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-index 7352b60aa..fc84e065c 100644
+index 651297f9e..7c4db56db 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol ++# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol groupadd group_test - for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me + {{% if 'ol8' in product or 'rhel' in product %}} diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml index b0d594003..4a71eccda 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml 
@@ -7491,16 +4449,6 @@ index d94802273..554e34e00 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh -index 32651fa92..b68ea1c66 100644 ---- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh -+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - SECURITY_LIMITS_FILE="/etc/security/limits.conf" - - if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml index 41cbd1197..481afa583 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml 
@@ -7523,28 +4471,6 @@ index 415b0486d..02b1e991a 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh -index 70189666c..22f9e966b 100644 ---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh -+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - # Clean sysctl config directories - rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/* -diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh -index 209395fa9..23cce30a8 100644 ---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh -+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - # Clean sysctl config directories - rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/* 
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml index 7a4c107b2..22e209120 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml 
@@ -7556,28 +4482,6 @@ index 7a4c107b2..22e209120 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh -index 6d87da5f2..021acd31f 100755 ---- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh -+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - cp /proc/cpuinfo /tmp/cpuinfo -diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh -index 3260539b3..29d22d491 100755 ---- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh -+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - cp /proc/cpuinfo /tmp/cpuinfo diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml index 88c683445..fa9b2020d 100644 
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml @@ -7590,7 +4494,7 @@ index 88c683445..fa9b2020d 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -index b555eca8f..58c0e6e86 100644 +index a15c44348..38d75d71a 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml @@ -12,7 +12,7 @@ rationale: |- @@ -7647,46 +4551,46 @@ index 2e24d9211..7b706bb32 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh -index b9776227b..f58a7ac92 100644 +index c9de45e02..30a9748a5 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10 # Clean sysctl config directories rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/* 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
-index 9f19e0140..b6f94e4b3 100644
+index 77ebd1e1d..315ea35f9 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
-index e976db594..073e9fdaf 100644
+index 99fb0ec06..41e828cc6 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
-index b1537175e..d1f7474e9 100644
+index ec71c16c9..36bb1e6af 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Red Hat Enterprise Linux 9
-+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
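Review bot: The AlmaLinux platform spelling in the four sysctl_kernel_unprivileged_bpf_disabled_accept_default test headers changes from `AlmaLinux 9` to `AlmaLinux OS 9`, while every other test touched by this patch uses the `multi_platform_almalinux` alias instead of a full product name. A full-name entry presumably has to match the product's declared name character for character, otherwise the scenario is silently not run on that product; it is worth confirming that `AlmaLinux OS 9` is the exact name declared in the almalinux9 product definition and that no other hunk in the patch still carries the old `AlmaLinux 9` spelling. Using the `multi_platform_almalinux` alias here as well, as the rest of the patch does, would remove the dependence on the exact spelling. The remaining `-`/`+` lines in this hunk are index-hash updates only.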
@@ -7723,28 +4627,8 @@ index fdd4fb83e..3274d5b36 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml -index 4be24a89d..76c0cc6df 100644 ---- a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml -+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh -index 735354a2d..0c13b196e 100644 ---- a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh -+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15 - - sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* - sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/* diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh -index 2520d3dcc..ed0bc9538 100644 +index 9558acad7..52cc0a789 100644 --- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh 
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh @@ -1,5 +1,5 @@ 
@@ -7754,379 +4638,30 @@ index 2520d3dcc..ed0bc9538 100644 # Package libselinux cannot be uninstalled normally # as it would cause removal of sudo package which is -diff --git a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml -index 5b45fae3f..c66669977 100644 ---- a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml -+++ b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh -index b0e1de6ba..e08be5aa9 100644 ---- a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh -+++ b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml -index 9db746638..a2e3b6c7b 100644 ---- a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml -+++ b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh -index 78c1d4f61..0fc55b9c0 100644 ---- a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh -+++ b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5 - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml -index c3baa1b80..be83f158f 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml 
b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml -index 917fc7dc4..bc1d7c63c 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml -index f5d68f1c3..91f02c0d4 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml -index 45e6c24aa..e06d9600f 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml -index 6b19c8138..1f656f5a8 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml -index ef2933c52..0d72f6f65 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml -index 0ca67c74a..332a5018a 100644 ---- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml 
-+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml -index 60417ff4e..0af05e798 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml -index ac168ef9f..69ecfa6a7 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git 
a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml -index 51e4063c3..3591b7266 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml -index 33460b61c..04074e66b 100644 ---- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml -index 4e389aa5c..254db9bfe 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml 
-@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml -index c3922e5b0..40515598a 100644 ---- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml -index 09eed8367..601191b49 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git 
a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml -index bf1efbe61..efa5b96a6 100644 ---- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml -index f7c7b4379..95781d5ab 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml -index d3f144c89..ae170b802 100644 ---- 
a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml -index 5b08acff4..d1af90b16 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml -index 9d034e519..2c45806b4 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml -index d04e6893f..5b9cba007 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml -index 34ff91ab3..875abf68d 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml -index 
4dbe2b3c8..7313b6bcd 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml -index 606e00c5f..792db4ca4 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml -index ed7d98843..a41cb7151 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml -index c379700ad..6d91cec21 100644 ---- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml -index 9830ea565..c0913adb5 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml -index 
fa4f578ef..f0d0708d1 100644 ---- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml -+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = false - # strategy = unknown - # complexity = low -diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml -index c7617bc43..7de8de33c 100644 ---- a/linux_os/guide/system/software/gnome/group.yml -+++ b/linux_os/guide/system/software/gnome/group.yml -@@ -12,7 +12,7 @@ description: |- - {{% if 'ol' in product %}} - Oracle Linux Graphical environment. - {{% else %}} -- Red Hat Graphical environment. -+ AlmaLinux Graphical environment. - {{% endif %}} -

- For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}. -diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml -index e0b7e6db5..68e529e12 100644 ---- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml -+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml -@@ -4,6 +4,7 @@ - The operating system installed on the system is supported by a vendor that provides security patches. - ") }}} - -+ - - - -diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -index 8b47069e6..5172588ab 100644 ---- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml -@@ -11,6 +11,9 @@ description: |- - {{% elif product in ["sle12", "sle15", "slmicro5"] %}} - SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise - vendor, SUSE is responsible for providing security patches. -+{{% elif product == "almalinux9" %}} -+ AlmaLinux is supported by AlmaLinux. As the AlmaLinux -+ vendor, AlmaLinux is responsible for providing security patches. - {{% else %}} - Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise - Linux vendor, Red Hat, Inc. is responsible for providing security patches. 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh -index c7385d2c3..7f6cb14e7 100644 +index c7385d2c3..af8f3234a 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = bind -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 BIND_CONF='/etc/named.conf' diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh -index b00bbfe21..1769e27e5 100644 +index b00bbfe21..5816460d8 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 {{{ bash_package_remove("bind") }}} 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh -index 4f9c749eb..9330f1f53 100644 +index 4f9c749eb..9b3b78230 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh @@ -1,7 +1,7 @@ @@ -8134,31 +4669,31 @@ index 4f9c749eb..9330f1f53 100644 # packages = bind # -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # We don't remediate anything if the config file is missing completely. # remediation = none diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh -index 34a32a73b..05437d75f 100644 +index 34a32a73b..aaaa24a6a 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh 
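Review bot: The configure_bind_crypto_policy test headers now read `AlmaLinux OS 9` instead of `AlmaLinux 9`, and the same rename appears in the next hunk (no_config_file, ok, overrides); as far as I can tell the test suite selects scenarios by matching this string against the product's declared full name, and a non-matching name leaves the scenario unselected rather than erroring, so a typo here means the AlmaLinux bind scenarios would silently never run. Please verify the product definition really declares `AlmaLinux OS 9`, and consider adding a short comment in the product's test config noting that the exact name is load-bearing for scenario selection. Separately, dropping the installed_OS_is_vendor_supported hunks removes the `{{% elif product == "almalinux9" %}}` branch, so that rule's description would fall through to the Red Hat wording for AlmaLinux unless upstream now carries an equivalent branch — worth a check.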
@@ -1,6 +1,6 @@ #!/bin/bash # packages = bind -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 BIND_CONF='/etc/named.conf' diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh -index 290e5fb07..b0643b48a 100644 +index 290e5fb07..4a16731bd 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = bind -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 BIND_CONF='/etc/named.conf' 
@@ -8173,225 +4708,236 @@ index dd096ab41..b180ed3b3 100644 # reboot = true # strategy = restrict # complexity = low +diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh +index 7ba994e11..f9e6939f0 100644 +--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh ++++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 + # profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2 + # packages = crypto-policies-scripts + diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh -index b607202c5..175381afb 100644 +index fc2a50a39..5216b9c9b 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh 
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# packages = crypto-policies-scripts
# IMPORTANT: This is a false negative scenario.
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-index e5b598342..5608d4124 100644
+index 4414dbb23..5d20befa2 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# packages = crypto-policies-scripts
update-crypto-policies --set "DEFAULT"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-index 7be3c82f3..96c42acfe 100644
+index 713b3a918..9e85563e9 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
-index 261dc3f96..2cde26d7d 100644
+index d335cd229..29fba75a9 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
-index 356aa3ffe..caba47b8c 100644
+index 3c2d65e3c..27bee6e43 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-index 06bd713dd..5d4abd801 100644
+index 2f734ca0c..b1d3a9e5c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-index 56a081eca..aa25f4415 100644
+index f4f88117f..831b56393 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
-index a09f7bf9b..15cf91f31 100644
+index a09f7bf9b..91d160f01 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
-index a2107d146..6964ade32 100644
+index a2107d146..6e036355c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# profiles = xccdf_org.ssgproject.content_profile_e8
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
-index b06e035fa..a3c503b8d 100644
+index bb2cf5405..ad2c135cc 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-index 6679f94bd..cc37b1c9d 100644
+index 7dc906f73..f51b7ef62 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
-index 9461c3ddd..6b048f2f5 100644
+index 169e6773c..ab47972de 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
-index 4834387dc..439e0a768 100644
+index 4834387dc..30bb91a51 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
rm -f /etc/krb5.conf.d/crypto-policies
ln -s /etc/crypto-policies/back-ends/krb5.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
-index 97ccc0590..5c7895552 100644
+index 97ccc0590..de8172ee7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
rm -f /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
-index 4eb5348f2..42201408e 100644
+index 4eb5348f2..f354072e2 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
rm -f /etc/krb5.conf.d/crypto-policies
ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
-index 9379b5ff3..dabf4b06b 100644
+index 9379b5ff3..cc866215f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
{{{ bash_package_remove("libreswan") }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
-index 439da4978..927540f2c 100644
+index 439da4978..7c03e806a 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
-index fbc8f1001..ced17d043 100644
+index fbc8f1001..0a9f05ba6 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
-index 70f822342..c48a70d45 100644
+index 70f822342..845f073ed 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
-index 2863c6102..425d537a5 100644
+index 2863c6102..d58382e0d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
cp ipsec.conf /etc
@@ -8422,7 +4968,7 @@ index 4e77718c8..d73aa3a79 100644
{{% else %}}
OPENSSL_CRYPTO_POLICY_INCLUSION='.include /etc/crypto-policies/back-ends/opensslcnf.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-index de245380f..022be534a 100644
+index 9fea29831..36efce737 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
@@ -9,7 +9,7 @@ title: 'Configure OpenSSL library to use System Crypto Policy'
@@ -8435,152 +4981,166 @@ index de245380f..022be534a 100644
{{% else %}}
{{% set include_directive = ".include /etc/crypto-policies/back-ends/opensslcnf.config" %}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
-index 8ccb6cef9..75803a026 100644
+index 8ccb6cef9..06a39c498 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
-index edeca90f0..250872dbe 100644
+index edeca90f0..95099f865 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
-index 8c509ef32..cede47573 100644
+index 8c509ef32..bc555e4c7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
-index 1c9342e23..836ed61d1 100644
+index 1c9342e23..16b5b1f92 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
-index 1b2ea8d80..fcffa0118 100644
+index 1b2ea8d80..17e2ee78e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
-index 96ae6a064..b0a717135 100644
+index 96ae6a064..098df76af 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
-index 6ab33f749..46f010e8d 100644
+index 6ab33f749..90181fa53 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
-index bcea9badc..24728b674 100644
+index bcea9badc..b6a2c3b71 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
-index ea6d23ee1..04ec08881 100644
+index ea6d23ee1..705d5891f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
-index a6e7c89da..953ad981c 100644
+index a6e7c89da..edade27ed 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
@@ -1,6 +1,6 @@ #!/bin/bash # -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 SSH_CONF="/etc/sysconfig/sshd" -diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml -index 0447bf2c4..43627ebd3 100644 ---- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml -+++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml -index 9647791ef..9f70b30d4 100644 ---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml -+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol - # reboot = true - # strategy = restrict - # complexity = medium -diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh 
b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-index 5da0c99e6..57ac7592b 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
+index 0b0d646f6..9874db425 100644
+--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 9,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ # variables = sshd_approved_ciphers=aes256-gcm@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
+
+ sshd_approved_ciphers=aes256-gcm@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
+index 91ab7de0c..c4a5ec70b 100644
+---
a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 9,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ # variables = sshd_approved_ciphers=aes256-gcm@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
+ # remediation = none
+
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
+index a691117b4..e33f64479 100644
+--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_correct.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 9,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ # variables = sshd_approved_macs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
+
+ sshd_approved_macs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
+index 463c79ced..766179119 100644
+---
a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/tests/rhel9_stig_incorrect_policy.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = Oracle Linux 9,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9
+ # variables = sshd_approved_macs=hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
+ # remediation = none
-
- fips-mode-setup --enable
- FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
-index 9c232fc94..f3d71ee21 100644
+index d0a400adf..1f0cf1317 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
@@ -1,6 +1,6 @@
@@ -8588,9 +5148,9 @@ index 9c232fc94..f3d71ee21 100644
# packages = crypto-policies-scripts
-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
-
- fips-mode-setup --enable
- FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
+ {{% if 'rhel' in product %}}
+ # remediation = none
+ {{% endif %}}
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
index b92e82236..138d2c997 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
@@ -8604,397 +5164,64 @@ index b92e82236..138d2c997 100644
fips-mode-setup --enable
FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-index 267fc6b0d..7f0c1cb9a 100644
+index 4bfb5f6cc..5c7870089 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-@@ -70,7 +70,7 @@
+@@ -119,7 +119,7 @@
-- {{% if product in ["ol9","rhel9"] -%}}
-+ {{% if product in ["ol9","rhel9", "almalinux9"] -%}}
- ^FIPS(:OSPP)?$
+- {{% if product in ["ol9","rhel9","rhel10","fedora"] -%}}
++ {{% if product in ["ol9","rhel9", "almalinux9","rhel10","fedora"] -%}}
+ ^FIPS(:(OSPP|STIG))?$
{{%- else %}}
{{# Legacy and more relaxed list of crypto policies that were historically considered
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-index b320fccb5..5e1c5b637 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
+diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
+index df1317b6b..b3c62cf8c 100644
+--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
++++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
+@@ -1,5 +1,5 @@
+ #!/usr/bin/env bash
+-# platform = multi_platform_fedora,multi_platform_rhel
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ # check-import = stdout
- {{%
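Review bot: The `{{% if 'rhel' in product %}} # remediation = none {{% endif %}}` guard in `fips_dracut_module_missing.fail.sh` (upstream context the patch leaves untouched) does not match `almalinux9`, so once `multi_platform_almalinux` is added to the platform line this fail scenario will still attempt remediation on AlmaLinux while skipping it on RHEL. If the reason remediation is disabled on RHEL also holds for its rebuild, the guard would need to read `{{% if 'rhel' in product or 'almalinux' in product %}}`; if the difference is intended, a one-line comment stating why would save the next reader the same question. This is inferred from the visible lines only — the rest of the test file is outside the hunk.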
if 'sle' in product or 'slmicro' in produc %}} - zypper -q --no-remote ref -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -index c78b92690..39bab2902 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh -index eb25eaa3a..1c4e85445 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh -index 1b0c304be..fe181733a 100644 
---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh + readarray -t FILES_WITH_INCORRECT_HASHES < <(rpm -Va --noconfig | grep -E '^..5' | awk '{print $NF}' ) +diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh +index 30e53fd4c..88bbc9f5a 100644 +--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh ++++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh +@@ -1,5 +1,5 @@ + #!/usr/bin/env bash +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # check-import = stdout + + readarray -t FILES_WITH_INCORRECT_OWNERSHIP < <(rpm -Va --nofiledigest | awk '{ if (substr($0,6,1)=="U" || substr($0,7,1)=="G") print $NF }') +diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh +index a2cee384f..5c01dd1d6 100644 +--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh ++++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh +@@ -1,5 +1,5 @@ + #!/usr/bin/env bash +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # check-import = stdout + + readarray -t FILES_WITH_INCORRECT_PERMS < <(rpm -Va --nofiledigest | 
awk '{ if (substr($0,2,1)=="M") print $NF }') +diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh +index f8b112e1a..33a266be6 100644 +--- a/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh ++++ b/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = aide +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora - aide --init -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh -index 236c0cebf..f91dce305 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = aide - - declare -a bins -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh -index 7f422b6b2..efdd460cc 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = aide - - declare -a bins -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh -index d76b93657..35c7a2400 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - # packages = aide - - aide --init -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh -index dfa5c1b6c..60ac94141 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle - - {{{ bash_package_install("aide") }}} - -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh -index 
34a114520..b22a658da 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol - - {{{ bash_package_install("aide") }}} - -diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/tests/correct_value.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/tests/correct_value.pass.sh -index 345dd0d85..3881ea90b 100644 ---- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/tests/correct_value.pass.sh -+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/tests/correct_value.pass.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - # packages = aide --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - - cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf <> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh -index 39ec72b52..a2849d3b4 100644 ---- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh -+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # variables = var_sudo_umask=0027 - - echo "Defaults 
use_pty,umask=0027,noexec" >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh -index 0e5aed5d0..c75edccd5 100644 ---- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - # remediation = none - - # Make sure sudo is owned by root group -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh -index 4cf3ce661..296d0b930 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh -index ee448e531..13b381ede 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - touch /etc/sudoers.d/empty -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh -index ef3750b2f..ccef4017d 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh -index ebbcef34d..0e3a3d43a 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> 
/etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh -index 3794bb647..e8d9bbaa6 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh -@@ -1,4 +1,4 @@ --# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_slmicro -+# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh -index 81b218e1a..b8114e674 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh -index 60354bba5..aebe5505f 100644 
---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - echo 'Defaults !targetpw' >> /etc/sudoers -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh -index c8e38ccd0..7955c2d54 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - touch /etc/sudoers.d/empty -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh -index 4454ed38e..97a9346e2 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# 
platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - touch /etc/sudoers.d/empty -diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh -index 1de6b3bbb..06eadc9e9 100644 ---- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh -+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro - # packages = sudo - - touch /etc/sudoers.d/empty + # Package libselinux cannot be uninstalled normally + # as it would cause removal of sudo package which is diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml -index 230a064b6..3be027b0d 100644 +index cc5603baa..e1f99a791 100644 --- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml @@ -13,7 +13,7 @@ rationale: |- 
@@ -9006,61 +5233,8 @@ index 230a064b6..3be027b0d 100644 The package provides, among other things, {{{ package_manager }}} plugins to interact with repositories and subscriptions from the Red Hat entitlement platform - the subscription-manager and -diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -index e25b2e615..5ef42594e 100644 ---- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh -index 742c2e452..c7fdd0009 100644 ---- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh -+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - - {{% if 'sle' in product or 'slmicro' in product %}} - {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}} -diff --git 
a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh -index 4cba82b3c..1d8495018 100644 ---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh -+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - file={{{ pkg_manager_config_file }}} - -diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh -index 3b3bd71f7..d54501d5c 100644 ---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh -+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - file={{{ pkg_manager_config_file }}} - -diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh -index 8f2e4fac8..20d00061a 100644 ---- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh -+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = 
multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux - - file={{{ pkg_manager_config_file }}} - diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml -index d74db7b2b..b44ee67b3 100644 +index e43ee7994..8b41b5d93 100644 --- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -9070,7 +5244,7 @@ index d74db7b2b..b44ee67b3 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml -index ba0c54f3f..1890b7708 100644 +index 1c68a6ec3..fa8f50b84 100644 --- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml @@ -1,4 +1,4 @@ 
@@ -9079,257 +5253,35 @@ index ba0c54f3f..1890b7708 100644 # reboot = false # strategy = unknown # complexity = low -diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml -new file mode 100644 -index 000000000..b9b1e3ea0 ---- /dev/null -+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml -@@ -0,0 +1,39 @@ -+# platform=multi_platform_almalinux -+# reboot = false -+# strategy = restrict -+# complexity = medium -+# disruption = medium -+- name: "Read permission of GPG key directory" -+ stat: -+ path: /etc/pki/rpm-gpg/ -+ register: gpg_key_directory_permission -+ check_mode: no -+ -+# It should fail if it doesn't find any fingerprints in file - maybe file was not parsed well. -+ -+- name: Read signatures in GPG key -+ # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10 -+ command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9" -+ args: -+ warn: False -+ changed_when: False -+ register: gpg_fingerprints -+ check_mode: no -+ -+- name: Set Fact - Installed GPG Fingerprints -+ set_fact: -+ gpg_installed_fingerprints: "{{ gpg_fingerprints.stdout | regex_findall('^pub.*\n(?:^fpr[:]*)([0-9A-Fa-f]*)', '\\1') | list }}" -+ -+- name: Set Fact - Valid fingerprints -+ set_fact: -+ gpg_valid_fingerprints: ("{{{ release_key_fingerprint }}}" "{{{ auxiliary_key_fingerprint }}}") -+ -+- name: Import AlmaLinux GPG key -+ rpm_key: -+ state: present -+ key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9 -+ when: -+ - gpg_key_directory_permission.stat.mode <= '0755' -+ - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0 -+ - gpg_installed_fingerprints | length > 0 -+ - ansible_distribution == "AlmaLinux" -diff --git 
a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh -new file mode 100644 -index 000000000..89e6d6aeb ---- /dev/null -+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh -@@ -0,0 +1,26 @@ -+# platform = multi_platform_almalinux -+readonly ALMALINUX_FINGERPRINT="BF18AC2876178908D6E71267D36CB86CB86B3716" -+ -+# Location of the key we would like to import (once it's integrity verified) -+readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9" -+ -+RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")") -+ -+# Verify /etc/pki/rpm-gpg directory permissions are safe -+if [ "${RPM_GPG_DIR_PERMS}" -le "755" ] -+then -+ # If they are safe, try to obtain fingerprints from the key file -+ # (to ensure there won't be e.g. CRC error) -+ readarray -t GPG_OUT < <(gpg --with-fingerprint --with-colons "$ALMALINUX_RELEASE_KEY" | grep "^fpr" | cut -d ":" -f 10) -+ GPG_RESULT=$? -+ # No CRC error, safe to proceed -+ if [ "${GPG_RESULT}" -eq "0" ] -+ then -+ # Filter just hexadecimal fingerprints from gpg's output from -+ # processing of a key file -+ echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_FINGERPRINT}" || { -+ # If $ ALMALINUX_RELEASE_KEY file doesn't contain any keys with unknown fingerprint, import it -+ rpm --import "${ALMALINUX_RELEASE_KEY}" -+ } -+ fi -+fi -diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml -new file mode 100644 -index 000000000..f02f04002 ---- /dev/null -+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml -@@ -0,0 +1,42 @@ -+ -+ -+ -+ AlmaLinux gpg-pubkey Package Installed -+ -+ multi_platform_almalinux -+ -+ The AlmaLinux key packages are required to be installed. 
-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ gpg-pubkey -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ {{{ pkg_release }}} -+ {{{ pkg_version }}} -+ -+ -+ -diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml -new file mode 100644 -index 000000000..bc0ba8d22 ---- /dev/null -+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml -@@ -0,0 +1,44 @@ -+documentation_complete: true -+ -+title: 'Ensure AlmaLinux GPG Key Installed' -+ -+description: |- -+ To ensure the system can cryptographically verify base software -+ packages come from AlmaLinux, the AlmaLinux GPG key must properly be installed. -+ To install the AlmaLinux GPG key, run: -+
$ sudo rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-9
-+ If the system is not connected to the Internet, -+ then install the AlmaLinux GPG key from trusted media such as -+ the AlmaLinux installation CD-ROM or DVD. Assuming the disc is mounted -+ in /media/cdrom, use the following command as the root user to import -+ it into the keyring: -+
$ sudo rpm --import /media/cdrom/RPM-GPG-KEY
-+ -+rationale: |- -+ Changes to software components can have significant effects on the -+ overall security of the operating system. This requirement ensures -+ the software has not been tampered with and that it has been provided -+ by a trusted vendor. The AlmaLinux GPG key is necessary to -+ cryptographically verify packages are from AlmaLinux. -+ -+severity: high -+ -+references: -+ cis: 1.2.2 -+ disa: CCI-001749 -+ nist: CM-5(3),SI-7,SC-12,SC-12(3),CM-6(a),CM-11(a),CM-11(b) -+ nist-csf: PR.DS-6,PR.DS-8,PR.IP-1 -+ pcidss: Req-6.2 -+ isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6' -+ isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4 -+ cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02 -+ iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4 -+ cis-csc: 11,2,3,9 -+ -+ocil_clause: 'the AlmaLinux GPG Key is not installed' -+ -+ocil: |- -+ To ensure that the GPG key is installed, run: -+
$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey
-+ The command should return the string below: -+
gpg(AlmaLinux <packager@almalinux.org>
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -index 4366d9faa..4a3043290 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -@@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - - {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}} -diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml -index a653565f5..0e8220272 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml +diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml +index 015c5b029..508241c9f 100644 +--- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml ++++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml 
@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel
++# platform = multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = enable
# complexity = low
-diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-index 07e02fa47..ee1d023d9 100644
---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
+diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
+index eb390cd1f..ac318fa9a 100644
+--- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
++++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle - {{% if product in ["sle12", "sle15"] %}} - sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/* - {{% else %}} -diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh -index 37e47e4d4..a852e856f 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh -@@ -1,4 +1,4 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux - sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/yum.repos.d/* -diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh -index 04ff6e577..b97d75469 100644 ---- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh -+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh -@@ -1,4 +1,4 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv - - sed -i 
's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* -diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -index e77380808..829e5f9f0 100644 ---- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -@@ -16,6 +16,11 @@ description: |- -
$ sudo yum update
- If the system is not configured to use one of these sources, updates (in the form of RPM packages) - can be manually downloaded from the ULN and installed using rpm. -+{{% elif product in ["almalinux9"] %}} -+ Run the following command to install updates: -+
$ sudo yum update
-+ If the system is not configured to use repos, updates (in the form of RPM packages) -+ can be manually downloaded from the repos and installed using rpm. - {{% elif product in ["sle12", "sle15", "slmicro5"] %}} - If the system is configured for online updates, invoking the following command will list available - security updates: + function replace_all_gpgcheck { + sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* diff --git a/products/almalinux9/CMakeLists.txt b/products/almalinux9/CMakeLists.txt -new file mode 100644 -index 000000000..ae4b60220 ---- /dev/null +index 99799a709..ae4b60220 100644 +--- a/products/almalinux9/CMakeLists.txt +++ b/products/almalinux9/CMakeLists.txt -@@ -0,0 +1,26 @@ -+# Sometimes our users will try to do: "cd almalinux9; cmake ." That needs to error in a nice way. -+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") -+ message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") -+endif() -+ +@@ -3,4 +3,24 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") + endif() + +-ssg_build_product("almalinux9") +set(PRODUCT "almalinux9") + +ssg_build_product(${PRODUCT}) 
@@ -9351,13 +5303,8987 @@ index 000000000..ae4b60220 +if(SSG_CENTOS_DERIVATIVES_ENABLED) + ssg_build_derivative_product(${PRODUCT} "centos" "cs9") +endif() +diff --git a/products/almalinux9/controls/bsi_sys_1_1_rhel9.yml b/products/almalinux9/controls/bsi_sys_1_1_rhel9.yml +new file mode 100644 +index 000000000..fda552979 +--- /dev/null ++++ b/products/almalinux9/controls/bsi_sys_1_1_rhel9.yml +@@ -0,0 +1,678 @@ ++--- ++# In BSI Basic Protection are multiple Requirements in one control. ++# i.e. there are multiple sentences, some including a RFC2119 keyword ++# Since we must increase granularity to create a precise control, ++# we number each sentence with a RFC2119 keyword as a section, grouping sentences, which are logically connected. ++# we number inline in brackets, so the lookup is easy ++# we reference these numbers in comments over each rule or group of rules ++policy: 'BSI-SYS-1-1-RHEL9' ++title: 'SYS.1.1 General Server (RHEL9)' ++id: bsi_sys_1_1_rhel9 ++version: '1.0' ++source: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf ++ ++levels: ++ - id: basic ++ - id: standard ++ inherits_from: ++ - basic ++ - id: elevated ++ inherits_from: ++ - standard ++ ++reference_type: bsi ++product: rhel9 ++ ++controls: ++ - id: SYS.1.1.A1 ++ title: Appropriate Installation ++ levels: ++ - basic ++ description: |- ++ (1) Servers MUST be operated in locations that may only be accessed by authorised persons. ++ (2) Servers MUST therefore be set up and installed in data centres, computer rooms, or lockable server rooms (see the corresponding modules in the INF Infrastructure layer). (3) Servers MUST NOT be used as personal computers (4) IT systems used as workstations MUST NOT be used as servers. 
++ notes: |- ++ This requirement must be implemented organizationally and cannot be checked technically ++ status: manual ++ ++ - id: SYS.1.1.A2 ++ title: User Authentication on Servers ++ levels: ++ - basic ++ description: |- ++ (1) Authentication methods adequate for the protection needs at hand MUST be used when users and services log into servers. (2) This SHOULD be taken into account for administrative access in particular. (3) Central, network-based authentication services SHOULD be used whenever possible. ++ notes: |- ++ Section 1,2: sshd configuration, NoPermitRootLogin,PAM ++ Section 3: AD Integration, IdM? ++ status: pending ++ ++ - id: SYS.1.1.A3 ++ title: ELIMINATED ++ levels: ++ - basic ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A4 ++ title: ELIMINATED ++ levels: ++ - basic ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A5 ++ title: Protection of Interfaces ++ levels: ++ - basic ++ description: |- ++ (1) It MUST be ensured that only specified removable storage media and other devices can be ++ connected to servers. All interfaces that are no longer needed must be disabled. ++ notes: |- ++ Section 1: If you dont utilize specific software to control the allowed devices for usb ports, ++ you can ensure compliance by disabling the usb port completely. ++ Interfaces is ambigious, it is focussed on usb etc. not on network. 
++ status: automated ++ rules: ++ # Section 1 ++ # USB ++ - grub2_nousb_argument ++ - bios_disable_usb_boot ++ - kernel_module_usb-storage_disabled ++ # Automount ++ - service_autofs_disabled ++ # Firewire ++ - kernel_module_firewire-core_disabled ++ ++ - id: SYS.1.1.A6 ++ title: Disabling Unnecessary Services ++ levels: ++ - basic ++ description: |- ++ (1) All unnecessary services and applications — particularly network services — MUST be ++ disabled or uninstalled. (2) All unused functions in firmware MUST also be disabled. ++ (3) On servers, the disk space allotted to both individual users and applications SHOULD be ++ restricted appropriately. ++ (4) The decisions taken in this regard SHOULD be documented in a way that makes it clear which ++ configuration and software equipment was chosen for servers. ++ notes: |- ++ Section 1: We can conclude for servers, that wireless protocols are unnecessary ++ Section 4: Documentation and organizational tasks. ++ status: partial ++ rules: ++ # Section 1, 2 ++ - mask_nonessential_services ++ - configure_firewalld_ports ++ - kernel_module_bluetooth_disabled ++ - kernel_module_cfg80211_disabled ++ - kernel_module_iwlmvm_disabled ++ - kernel_module_iwlwifi_disabled ++ - kernel_module_mac80211_disabled ++ - service_bluetooth_disabled ++ - wireless_disable_in_bios ++ - wireless_disable_interfaces ++ # Section 3 ++ - partition_for_home ++ - partition_for_opt ++ - partition_for_var ++ - partition_for_var_log ++ - partition_for_usr ++ - partition_for_tmp ++ - partition_for_var_tmp ++ ++ - id: SYS.1.1.A7 ++ title: ELIMINATED ++ levels: ++ - basic ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A8 ++ title: ELIMINATED ++ levels: ++ - basic ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. 
++ status: not applicable ++ ++ - id: SYS.1.1.A9 ++ title: Using Anti-Virus Programs on Servers ++ levels: ++ - basic ++ description: |- ++ (1) Whether virus protection programs can and should be used MUST be checked depending on the ++ operating system installed, the services provided, and other existing protection mechanisms of ++ the server in question. (2) Where available, concrete statements from the relevant operating ++ system modules of the IT-Grundschutz Compendium on whether virus protection is necessary MUST ++ be considered. ++ notes: |- ++ Section 1,2: Antivirus software on linux systems is more useful, if the servers provide any ++ file or mailservices to endpoints. ++ status: automated ++ rules: ++ - install_antivirus ++ - install_endpoint_security_software ++ ++ - id: SYS.1.1.A10 ++ title: Logging ++ levels: ++ - basic ++ description: |- ++ (1) In general, all security-relevant system events MUST be logged, including the following at ++ minimum: ++ • (2) System starts and reboots ++ • (3) Successful and failed login attempts (operating system and application software) ++ • (4) Failed authorisation checks ++ • (5) Blocked data flows (violations of ACLs or firewall rules) ++ • (6) Creation of or changes to users, groups, and authorisations ++ • (7) Security-relevant error messages (e.g. hardware defects, exceeded capacity limits) ++ • (8) Warnings from security systems (e.g. virus protection) ++ notes: |- ++ This whole requirement is more specifically implemented in the CIS hardening guide, which also ++ defines permissions to protect against manipulations. ++ Section 7 and 8 are not addressed explicitly with rules, as 8 is specific for the AV software ++ and 7 is quite broad. 
++ # OPS.1.1.5: Logging Anforderung anschauen ++ # AIDE ++ Section 2: Only in system logs, not in specialized audit logs ++ Section 5: Identify how firewalld logs and if we could use that ++ status: automated ++ rules: ++ # ensure auditd is installed ++ - package_audit_installed ++ - package_audit-libs_installed ++ # ensure auditd is enabled ++ - service_auditd_enabled ++ # Section 2 (start / reboot) ++ - grub2_audit_argument ++ - grub2_audit_backlog_limit_argument ++ - var_audit_backlog_limit=8192 ++ # Section 3 (login) ++ - audit_rules_session_events ++ - audit_rules_login_events_faillock ++ - audit_rules_login_events_lastlog ++ - var_accounts_passwords_pam_faillock_dir=run ++ # Section 4 (authorization) ++ - audit_rules_sysadmin_actions ++ - audit_rules_suid_auid_privilege_function ++ - audit_sudo_log_events ++ - audit_rules_privileged_commands ++ - audit_rules_execution_chcon ++ - audit_rules_execution_setfacl ++ # Section 5 (dataflows / firewall) ++ - audit_rules_dac_modification_chmod ++ - audit_rules_dac_modification_chown ++ - audit_rules_dac_modification_fchmod ++ - audit_rules_dac_modification_fchmodat ++ - audit_rules_dac_modification_fchown ++ - audit_rules_dac_modification_fchownat ++ - audit_rules_dac_modification_fremovexattr ++ - audit_rules_dac_modification_fsetxattr ++ - audit_rules_dac_modification_lchown ++ - audit_rules_dac_modification_lremovexattr ++ - audit_rules_dac_modification_lsetxattr ++ - audit_rules_dac_modification_removexattr ++ - audit_rules_dac_modification_setxattr ++ # Section 6 (users and groups) ++ - audit_rules_usergroup_modification_group ++ - audit_rules_usergroup_modification_gshadow ++ - audit_rules_usergroup_modification_opasswd ++ - audit_rules_usergroup_modification_passwd ++ - audit_rules_usergroup_modification_shadow ++ - audit_rules_privileged_commands_usermod ++ ++ - id: SYS.1.1.A11 ++ title: Defining a Security Policy for Servers ++ levels: ++ - standard ++ description: |- ++ (1) Based on the general security 
policy of the organisation in question, the requirements for ++ servers SHOULD be specified in a separate security policy. (2) This policy SHOULD be known to ++ all administrators and other persons involved in the procurement and operation of servers and ++ be integral to their work. (3) The implementation of the policy's requirements SHOULD be ++ checked at regular intervals. (4) The results SHOULD be appropriately documented. ++ notes: |- ++ This requirement must be implemented organizationally. ++ If we interprete this towards hardening, the CIS Profile could be used ++ status: manual ++ ++ - id: SYS.1.1.A12 ++ title: Planning the Use of Servers ++ levels: ++ - standard ++ description: |- ++ Each server system SHOULD be suitably planned. In this process, the following points ++ SHOULD be taken into account at minimum: ++ • Selection of the hardware platform, operating system, and application software ++ • Hardware capacity (performance, memory, bandwidth, etc) ++ • Type and number of communication interfaces ++ • Power consumption, thermal load, space requirements, and structural shape ++ • Administrative access points (see SYS.1.1.A5 Protection of Administration Interfaces) ++ • User access ++ • Logging (see SYS.1.1.A10 Logging). ++ • Updates for operating systems and applications ++ • Integration into system and network management, backups, and protection systems ++ (virus protection, IDS, etc) ++ All decisions taken in the planning phase SHOULD be documented in such a way that they can ++ be understood at any future point in time. ++ notes: |- ++ This requirement must be implemented organizationally. ++ Some parts could be technically checked, i.e. if repositories are configureg, if AV is ++ installed and therelike. 
++ status: manual ++ ++ - id: SYS.1.1.A13 ++ title: Procurement of Servers ++ levels: ++ - standard ++ description: |- ++ Prior to procuring one or more servers, a requirements list SHOULD be drawn up that can be ++ used to evaluate the products available on the market. ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.1.A14 ++ title: ELIMINATED ++ levels: ++ - standard ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A15 ++ title: Stable and Uninterruptible Power Supply [Building Services] ++ levels: ++ - standard ++ description: |- ++ (1) Every server SHOULD be connected to an uninterruptible power supply (UPS). ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.1.A16 ++ title: Secure Basic Configuration of Servers ++ levels: ++ - standard ++ description: |- ++ (1) The basic settings of servers SHOULD be checked and, where necessary, adapted to the ++ specifications of the security policy at hand. (2) Clients SHOULD only be connected to the ++ Internet after the installation and configuration have been completed. ++ notes: |- ++ One could argue, that this is done with this profile. Or could utilize the CIS Benchmark again, ++ if CIS is the security policy ++ status: inherently met ++ # rules: ++ ++ - id: SYS.1.1.A17 ++ title: ELIMINATED ++ levels: ++ - standard ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A18 ++ title: ELIMINATED ++ levels: ++ - standard ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. 
++ status: not applicable ++ ++ - id: SYS.1.1.A19 ++ title: Configuring Local Packet Filters ++ levels: ++ - standard ++ description: |- ++ (1) Based on a set of rules, existing local packet filters SHOULD be designed to limit ++ incoming and outgoing communications to the necessary communication partners, communication ++ protocols, ports, and interfaces. (2) The identity of remote systems and the integrity of ++ corresponding connections SHOULD be protected cryptographically. ++ notes: |- ++ Section 1: This can be addressed by utilizing firewalld or therelike ++ Section 2: this must be configured on the application layer ++ # deactivate WebConsole to circumvent TLS ++ status: partial ++ rules: ++ # Section 1 ++ - service_firewalld_enabled ++ - package_firewalld_installed ++ - unnecessary_firewalld_services_ports_disabled ++ - set_firewalld_appropriate_zone ++ ++ - id: SYS.1.1.A20 ++ title: ELIMINATED ++ levels: ++ - standard ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A21 ++ title: Operational Documentation for Servers ++ levels: ++ - standard ++ description: |- ++ (1) Operational tasks that are carried out on a server SHOULD be clearly documented in terms ++ of what has been done, when, and by whom. (2) In particular, the documentation SHOULD make ++ configuration changes transparent. (3) Security-relevant responsibilities, such as who is ++ authorised to install new hard disks, SHOULD be documented. (4) Everything that can be ++ documented automatically SHOULD be documented automatically. (5) The documentation SHOULD be ++ protected against unauthorised access and loss. ++ notes: |- ++ This requirement must be implemented organizationally. 
++ status: manual ++ ++ - id: SYS.1.1.A22 ++ title: Integration into Contingency Planning ++ levels: ++ - standard ++ description: |- ++ (1) Servers SHOULD be taken into account in business continuity management processes. ++ (2) To this end, the contingency requirements for the system in question SHOULD be determined ++ and appropriate contingency procedures implemented—for example, by drawing up recovery plans ++ or securely storing passwords and cryptographic keys. ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.1.A23 ++ title: Monitoring Systems and Servers ++ levels: ++ - standard ++ description: |- ++ (1) Server systems SHOULD be integrated into an appropriate system monitoring concept. ++ (2) The status and functionality of these systems and the services operated on them SHOULD be ++ continuously monitored. (3) Error conditions and defined thresholds that are exceeded SHOULD ++ be reported to the operating personnel. ++ notes: |- ++ Monitoring is a very specific and organization dependend task. therefore we do not ++ check this automatically ++ status: manual ++ # rules: ++ # there does not seem to be a rule for that ++ ++ - id: SYS.1.1.A24 ++ title: Security Checks for Servers ++ levels: ++ - standard ++ description: |- ++ (1) Servers SHOULD be subjected to regular security tests to check their compliance with the ++ applicable security requirements and identify possible vulnerabilities. (2) In particular, ++ these security tests SHOULD be performed on servers with external interfaces. (3) To prevent ++ indirect attacks via infected systems in an organisation’s own network, internal server ++ systems SHOULD also be checked accordingly at defined intervals. (4) Whether the security ++ checks can be realised automatically—by means of suitable scripts, for example—SHOULD be ++ examined. ++ notes: |- ++ This is met due to the usage of this compliance profile. 
++ status: inherently met ++ ++ - id: SYS.1.1.A25 ++ title: Controlled Decommissioning of a Server ++ levels: ++ - standard ++ description: |- ++ (1) When decommissioning a server, it SHOULD be ensured that no important data that might ++ still be present on the storage media is lost and no sensitive data remains. ++ (2) There SHOULD be an overview of the data stored in each location on the server. ++ (3) Furthermore, it SHOULD be ensured that services offered by the server will be taken over ++ by another server when necessary. ++ (4) A checklist SHOULD be created that is to be completed when decommissioning a server. ++ (5) This checklist SHOULD at least include aspects related to backing up data, migrating ++ services, and subsequently deleting all data in a secure manner. ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.1.A35 ++ title: Drawing Up and Maintaining an Operating Manual ++ levels: ++ - standard ++ description: |- ++ (1) An operating manual SHOULD be drawn up. (2) It SHOULD document all the rules, requirements, ++ and settings that are necessary in operating servers. (3) There SHOULD be a specific operating ++ manual for every type of server. (4) Each operating manual SHOULD be updated at regular ++ intervals. (5) Operating manuals SHOULD be protected against unauthorised access. (6) Operating ++ manuals SHOULD be available in emergencies. ++ notes: |- ++ This requirement must be implemented organizationally. 
++ status: manual ++ ++ - id: SYS.1.1.A37 ++ title: Encapsulation of Security-Critical Applications and Operating System Components ++ levels: ++ - standard ++ description: |- ++ (1) In order to prevent an attacker from accessing the operating system or other applications and ++ prevent access from the operating system to files that are particularly sensitive, applications ++ and operating system components (such as authentication or certificate verification) SHOULD ++ be specially encapsulated according to their protection needs or isolated from other ++ applications and operating system components. (2) Particular attention SHOULD be paid to ++ security-critical applications that work with data from insecure sources (e.g. web browsers and ++ office communication applications) ++ notes: |- ++ Section 1-2: This can be done by utilizing SELinux for enhanced protection and/or container ++ technology (Microsegmentation) ++ status: automated ++ rules: ++ - package_libselinux_installed ++ - grub2_enable_selinux ++ - selinux_not_disabled ++ - var_selinux_policy_name=targeted ++ - selinux_policytype ++ - var_selinux_state=enforcing ++ - selinux_state ++ - selinux_confinement_of_daemons ++ ++ - id: SYS.1.1.A26 ++ title: ELIMINATED ++ levels: ++ - elevated ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A27 ++ title: Host-Based Attack Detection ++ levels: ++ - elevated ++ description: |- ++ (1) Host-based attack detection systems (also referred to as host-based intrusion detection ++ systems, IDS, or intrusion prevention systems, IPS) SHOULD be used to monitor system ++ behaviour for abnormalities and misuse. (2) The IDS/IPS mechanisms used SHOULD be ++ appropriately selected, configured, and thoroughly tested. (3) If an attack has been detected, ++ the operating personnel SHOULD be alerted in an appropriate manner. 
++ (4) Using operating system mechanisms or suitable additional products, changes made to system ++ files and configuration settings SHOULD be checked, restricted, and reported. ++ notes: |- ++ Section 1: Can only be checked manually. ++ Section 2,3: this is an organizational requirement ++ Section 4: AIDE could be leveraged as a system mechanism ++ status: partial ++ rules: ++ # Section 1 ++ - install_hids ++ # Section 4 ++ - package_aide_installed ++ - aide_scan_notification ++ - aide_periodic_cron_checking ++ # currently not in rhel9, might cause errors ++ # - aide_periodic_checking_systemd_timer ++ # currently not in rhel9, causes massive error with filesystem walk ++ # - aide_disable_silentreports ++ - aide_build_database ++ ++ - rpm_verify_hashes ++ - rpm_verify_ownership ++ ++ related_rules: ++ # while rpm_verify_permissions is a part of how to detect changes, it conflicts ++ # with permission hardening rules like the cron_permissions rules and therelike. ++ # it is more important to harden the permissions to prevent change, than it is to ++ # ensure that the permissions are the same as in the rpm database. ++ - rpm_verify_permissions ++ ++ - id: SYS.1.1.A28 ++ title: Increasing Availability Through Redundancy ++ levels: ++ - elevated ++ description: |- ++ (1) Server systems with high availability requirements SHOULD be protected adequately against ++ failures. (2) At minimum, suitable redundancies SHOULD be available and maintenance contracts ++ concluded with the respective suppliers. (3) Whether high-availability architectures with ++ automatic failover (across various sites, if necessary) are required in the case of very high ++ requirements SHOULD be checked. ++ notes: |- ++ this is an organizational requirement ++ status: manual ++ ++ - id: SYS.1.1.A29 ++ title: ELIMINATED ++ levels: ++ - elevated ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. 
++ status: not applicable ++ ++ - id: SYS.1.1.A30 ++ title: One Service per Server ++ levels: ++ - elevated ++ description: |- ++ (1) Depending on the threat landscape at hand and the protection needs of services, only one ++ service SHOULD be operated on each server. ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.1.A31 ++ title: Using Execution Control ++ levels: ++ - elevated ++ description: |- ++ (1) Execution control SHOULD be used to ensure that only explicitly authorised programs and ++ scripts can be executed. (2) The rules SHOULD be set as restrictively as possible. (3) If explicit ++ specification of paths and hashes is not possible, certificate-based or path rules SHOULD be ++ used as an alternative. ++ notes: |- ++ While not directly leveraging a allowlist of executable programs, SELinux and fapolicyd help to ++ address this issue. They deny execution or fileaccess based on a list of allowed permissions. ++ status: automated ++ rules: ++ # selinux ++ - package_libselinux_installed ++ - grub2_enable_selinux ++ - selinux_not_disabled ++ - var_selinux_policy_name=targeted ++ - selinux_policytype ++ - var_selinux_state=enforcing ++ - selinux_state ++ - selinux_confinement_of_daemons ++ # fapolicyd ++ - fapolicy_default_deny ++ - package_fapolicyd_installed ++ - service_fapolicyd_enabled ++ ++ - id: SYS.1.1.A32 ++ title: ELIMINATED ++ levels: ++ - elevated ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. ++ status: not applicable ++ ++ - id: SYS.1.1.A33 ++ title: Active Administration of Root Certificates ++ levels: ++ - elevated ++ description: |- ++ (1) As part of the procurement and installation of a server, the root certificates that are ++ required to operate the server SHOULD be documented. (2) Only the previously documented root ++ certificates required for operation SHOULD be present on the server. 
(3) Regular checks SHOULD ++ be performed as to whether existing root certificates still comply with the respective ++ organisation’s requirements. (4) All certificate stores on the IT system at hand SHOULD be ++ included in these checks. ++ notes: |- ++ Section 1: organizational control ++ Section 2-4: can be addressed by a manual rule in OpenSCAP ++ This can be in conflict with rpm_checks as changing the ca-trust-store triggers these checks. ++ status: manual ++ rules: ++ # Section 1-4 ++ - only_allow_specific_certs ++ ++ - id: SYS.1.1.A34 ++ title: Hard Disk Encryption ++ levels: ++ - elevated ++ description: |- ++ (1) In case of increased protection needs, a server's storage media should be encrypted using a ++ product or procedure that is considered secure. (2) This SHOULD also apply to virtual machines ++ containing production data. (3) Trusted Platform Module (TPM) SHOULD NOT be the only form ++ of key protection used. (4) Recovery passwords SHOULD be stored in an appropriate and secure ++ location. (5) In case of very high requirements (e.g. regarding confidentiality), full volume or full ++ disk encryption SHOULD be used. ++ notes: |- ++ Section 1-3: Specification of what is needed ++ Section 4: organizational control ++ Section 5: can be addressed on a partition label with existing checks ++ # Keylime? ++ # nbde? ++ # https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening ++ status: partial ++ rules: ++ # Section 3 ++ - grub2_rng_core_default_quality_argument ++ # Section 1,5 ++ - encrypt_partitions ++ ++ - id: SYS.1.1.A36 ++ title: Protecting the Boot Process ++ levels: ++ - elevated ++ description: |- ++ (1) A server's boot loader and operating system kernel SHOULD be checked by self-controlled key ++ material that is signed upon system start in a trusted chain (secure boot). 
(2) Unnecessary key ++ material SHOULD be removed. ++ notes: |- ++ At the moment there is no automatic check to check if secure boot is active. ++ It can be done manually by using mokutil --sb-state ++ status: manual ++ rules: [] ++ ++ - id: SYS.1.1.A38 ++ title: Hardening of the Host System by Means of a Read-Only File System ++ levels: ++ - elevated ++ description: |- ++ The integrity of the host system should be ensured by a read-only file system (an immutable OS). ++ notes: |- ++ RHEL does not meet this requirement. RHEL in ImageMode (bootc) might be the solution ++ for that. ++ status: does not meet +diff --git a/products/almalinux9/controls/bsi_sys_1_3_rhel9.yml b/products/almalinux9/controls/bsi_sys_1_3_rhel9.yml +new file mode 100644 +index 000000000..8bc8b128d +--- /dev/null ++++ b/products/almalinux9/controls/bsi_sys_1_3_rhel9.yml +@@ -0,0 +1,421 @@ ++--- ++# In BSI Basic Protection are multiple Requirements in one control. ++# i.e. there are multiple sentences, some including a RFC2119 keyword ++# Since we must increase granularity to create a precise control, ++# we number each sentence with a RFC2119 keyword as a section, grouping sentences, which are logically connected. ++# we number inline in brackets, so the lookup is easy ++# we reference these numbers in comments over each rule or group of rules ++policy: 'BSI-SYS-1-3-RHEL9' ++title: 'SYS.1.3 Linux Server (RHEL9)' ++id: bsi_sys_1_3_rhel9 ++version: '1.0' ++source: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf ++ ++levels: ++ - id: basic ++ - id: standard ++ inherits_from: ++ - basic ++ - id: elevated ++ inherits_from: ++ - standard ++ ++reference_type: bsi ++product: rhel9 ++ ++controls: ++ - id: SYS.1.3.A1 ++ title: ELIMINATED ++ levels: ++ - basic ++ description: |- ++ This requirement has been eliminated. ++ notes: |- ++ This requirement has been eliminated. 
++ status: not applicable ++ ++ - id: SYS.1.3.A2 ++ title: Careful Allocation of IDs ++ levels: ++ - basic ++ description: |- ++ (1) Each login name, each user ID (UID) and each group ID (GID) MUST ONLY be used once. ++ (2) Every user MUST be a member of at least one group. (3) Every GID mentioned in the /etc/passwd ++ file MUST be defined in the /etc/group file. (4) Every group SHOULD only contain the users that ++ are absolutely necessary. (5) In networked systems, care MUST also be taken to ensure that user ++ and group names (UIDs and GIDs) are assigned consistently in the system network if there is a ++ possibility that the same UIDs or GIDs could be assigned to different user or group names on ++ the systems during cross-system access. ++ notes: |- ++ Section 2: System accounts do not always have a group ++ Section 4 is a manual control ++ Section 5 this cant be checked on a per system base, and therefore is an organizational control ++ status: partial ++ rules: ++ # Section 1 ++ - account_unique_id ++ - account_unique_name ++ - group_unique_id ++ - group_unique_name ++ # Section 2 ++ # this could be automated ++ # Section 3 ++ - gid_passwd_group_same ++ ++ - id: SYS.1.3.A3 ++ title: No Automatic Integration of Removable Drives ++ levels: ++ - basic ++ description: |- ++ (1) Removable media such as USB pen drives or CDs/DVDs MUST NOT be integrated automatically. ++ notes: |- ++ https://access.redhat.com/solutions/18978 ++ status: automated ++ rules: ++ # USB ++ - grub2_nousb_argument ++ - bios_disable_usb_boot ++ - kernel_module_usb-storage_disabled ++ # Automount ++ - service_autofs_disabled ++ ++ - id: SYS.1.3.A4 ++ title: Protection from Exploitation of Vulnerabilities in Applications ++ levels: ++ - basic ++ description: |- ++ (1) ASLR and DEP/NX MUST be activated in the kernel and used by applications to make it harder ++ to exploit vulnerabilities in applications. 
(2) Security functions of the kernel and of the standard ++ libraries (such as heap and stack protection) MUST NOT be disabled. ++ notes: |- ++ This should be the default on all modern platforms ++ Section 2: organizational requirement towards the admin ++ status: automated ++ rules: ++ - bios_enable_execution_restrictions ++ - package_libselinux_installed ++ - grub2_enable_selinux ++ - selinux_not_disabled ++ ++ - id: SYS.1.3.A5 ++ title: Secure Installation of Software Packages ++ levels: ++ - basic ++ description: |- ++ (1) If software to be installed is to be compiled from source code, it MUST ONLY be unpacked, ++ configured, and compiled using an unprivileged user account. (2) The software to be installed ++ MUST NOT then be installed in the root file system of the server in question in an ++ uncontrolled manner. ++ ++ (3) If the software is compiled from the source text, the selected parameters SHOULD be ++ documented appropriately. (4) Based on this documentation, it SHOULD be possible to compile ++ the software in a transparent and reproducible manner at any time. (5) All further installation ++ steps SHOULD also be documented. ++ notes: |- ++ This requirement must be implemented organizationally. ++ status: manual ++ ++ - id: SYS.1.3.A6 ++ title: Managing Users and Groups ++ levels: ++ - standard ++ description: |- ++ (1) The corresponding management tools SHOULD be used for managing users and groups. (2) The ++ configuration files /etc/passwd, /etc/shadow, /etc/group, and /etc/sudoers SHOULD NOT be ++ edited directly. ++ notes: |- ++ This requirement must be implemented organizationally. ++ We could add auditing rules for these files, which shows edits, but do not prevent the users ++ in the toolings they use for editing. 
++ status: partial
++ rules:
++ - audit_rules_usergroup_modification_passwd
++ - audit_rules_usergroup_modification_shadow
++ - audit_rules_usergroup_modification_group
++ - audit_rules_usergroup_modification_gshadow
++ - audit_rules_usergroup_modification_opasswd
++
++ - id: SYS.1.3.A7
++ title: ELIMINATED
++ levels:
++ - standard
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A8
++ title: Encrypted Access via Secure Shell
++ levels:
++ - standard
++ description: |-
++ (1) Only Secure Shell (SSH) SHOULD be used to create an encrypted and authenticated interactive
++ connection between two IT systems. (2) All other protocols whose functions are covered by
++ Secure Shell SHOULD be disabled completely. (3) For authentication, users SHOULD primarily
++ use certificates instead of passwords.
++ notes: |-
++ Section 1: this should be the default
++ Section 2: this should be the default
++ Section 3: The requirement says PRIMARILY use certificate, not disallow PasswordAuthentication
++ completely
++ status: automated
++ rules:
++ # Section 1
++ - service_sshd_enabled
++ - sshd_allow_only_protocol2
++ - firewalld_sshd_port_enabled
++ # Section 2
++ - package_telnet-server_removed
++ - package_telnet_removed
++ # Section 3
++ - sshd_disable_empty_passwords
++ - sshd_disable_root_password_login
++ - sshd_enable_pubkey_auth
++
++ - id: SYS.1.3.A9
++ title: ELIMINATED
++ levels:
++ - standard
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A10
++ title: Preventing Further Intrusion When Vulnerabilities Are Exploited
++ levels:
++ - standard
++ description: |-
++ (1) Services and applications SHOULD be protected with individual security architecture (e.g.
++ with AppArmor or SELinux). (2) In addition, chroot environments and LXC or Docker containers
++ SHOULD be taken into account here. (3) It SHOULD be ensured that the standard profiles and
++ rules provided are activated.
++ notes: |-
++ Section 2: we could add podman specific tasks, but it would be hard to evaluate if they are
++ used properly
++ status: partial
++ rules:
++ # Section 1
++ # SELinux
++ - package_libselinux_installed
++ - grub2_enable_selinux
++ - selinux_not_disabled
++ # Section 3
++ - var_selinux_policy_name=targeted
++ - selinux_policytype
++ - var_selinux_state=enforcing
++ - selinux_state
++ - selinux_confinement_of_daemons
++
++ - id: SYS.1.3.A11
++ title: ELIMINATED
++ levels:
++ - standard
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A12
++ title: ELIMINATED
++ levels:
++ - standard
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A13
++ title: ELIMINATED
++ levels:
++ - elevated
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A14
++ title: Preventing Unauthorised Collection of System and User Information
++ levels:
++ - standard
++ description: |-
++ (1) Information output for users regarding the operating system and access to protocol and
++ configuration files SHOULD be limited to the required minimum. (2) Moreover, confidential
++ information SHOULD NOT be provided as parameters when commands are issued.
++ notes: |-
++ Section 2: This requirement must be implemented organizationally.
++ status: partial
++ rules:
++ # Section 1
++ - file_groupowner_grub2_cfg
++ - file_owner_grub2_cfg
++ - file_permissions_grub2_cfg
++
++ - file_groupowner_user_cfg
++ - file_owner_user_cfg
++ - file_permissions_user_cfg
++
++ - file_groupowner_efi_grub2_cfg
++ - file_owner_efi_grub2_cfg
++ - file_permissions_efi_grub2_cfg
++
++ - file_groupowner_efi_user_cfg
++ - file_owner_efi_user_cfg
++ - file_permissions_efi_user_cfg
++
++ - file_groupowner_etc_motd
++ - file_owner_etc_motd
++ - file_permissions_etc_motd
++
++ - file_groupowner_etc_issue
++ - file_owner_etc_issue
++ - file_permissions_etc_issue
++
++ - file_groupowner_etc_issue_net
++ - file_owner_etc_issue_net
++ - file_permissions_etc_issue_net
++
++ - file_groupowner_crontab
++ - file_owner_crontab
++ - file_permissions_crontab
++
++ - file_groupowner_cron_hourly
++ - file_owner_cron_hourly
++ - file_permissions_cron_hourly
++
++ - file_groupowner_cron_daily
++ - file_owner_cron_daily
++ - file_permissions_cron_daily
++
++ - file_groupowner_cron_weekly
++ - file_owner_cron_weekly
++ - file_permissions_cron_weekly
++
++ - file_groupowner_cron_monthly
++ - file_owner_cron_monthly
++ - file_permissions_cron_monthly
++
++ - file_groupowner_cron_d
++ - file_owner_cron_d
++ - file_permissions_cron_d
++
++ - file_groupowner_cron_allow
++ - file_owner_cron_allow
++ - file_permissions_cron_allow
++
++ - file_groupowner_at_allow
++ - file_owner_at_allow
++ - file_permissions_at_allow
++
++ - file_groupowner_sshd_config
++ - file_owner_sshd_config
++ - file_permissions_sshd_config
++
++ - file_groupownership_sshd_private_key
++ - file_ownership_sshd_private_key
++ - file_permissions_sshd_private_key
++
++ - file_groupownership_sshd_pub_key
++ - file_ownership_sshd_pub_key
++ - file_permissions_sshd_pub_key
++
++ - file_group_ownership_var_log_audit
++ - file_ownership_var_log_audit
++ - file_permissions_var_log_audit
++
++ - file_groupownership_audit_configuration
++ - file_ownership_audit_configuration
++ - file_permissions_audit_configuration
++
++ - file_groupownership_audit_binaries
++ - file_ownership_audit_binaries
++ - file_permissions_audit_binaries
++
++ - file_groupowner_etc_passwd
++ - file_owner_etc_passwd
++ - file_permissions_etc_passwd
++
++ - file_groupowner_backup_etc_passwd
++ - file_owner_backup_etc_passwd
++ - file_permissions_backup_etc_passwd
++
++ - file_groupowner_etc_group
++ - file_owner_etc_group
++ - file_permissions_etc_group
++
++ - file_groupowner_backup_etc_group
++ - file_owner_backup_etc_group
++ - file_permissions_backup_etc_group
++
++ - file_groupowner_etc_shadow
++ - file_owner_etc_shadow
++ - file_permissions_etc_shadow
++
++ - file_groupowner_backup_etc_shadow
++ - file_owner_backup_etc_shadow
++ - file_permissions_backup_etc_shadow
++
++ - file_groupowner_etc_gshadow
++ - file_owner_etc_gshadow
++ - file_permissions_etc_gshadow
++
++ - file_groupowner_backup_etc_gshadow
++ - file_owner_backup_etc_gshadow
++ - file_permissions_backup_etc_gshadow
++
++ - file_groupowner_etc_shells
++ - file_owner_etc_shells
++ - file_permissions_etc_shells
++
++ - file_permissions_unauthorized_world_writable
++
++ - file_permissions_ungroupowned
++
++ - file_permissions_unauthorized_suid
++ - file_permissions_unauthorized_sgid
++
++ - file_groupownership_home_directories
++ - file_ownership_home_directories
++ - file_permissions_home_directories
++
++ - id: SYS.1.3.A15
++ title: ELIMINATED
++ levels:
++ - elevated
++ description: |-
++ This requirement has been eliminated.
++ notes: |-
++ This requirement has been eliminated.
++ status: not applicable
++
++ - id: SYS.1.3.A16
++ title: Additional Prevention of Further Intrusion When Vulnerabilities Are Exploited
++ levels:
++ - elevated
++ description: |-
++ (1) The use of system calls SHOULD be limited to those absolutely necessary, particularly for
++ exposed services and applications. (2) The standard profiles and/or rules (e.g. of SELinux or
++ AppArmor) SHOULD be checked manually and, if necessary, adapted to an organisation's own
++ security policies. (3) If necessary, new rules and profiles SHOULD be drawn up.
++ notes: |-
++ This requirement must be implemented organizationally.
++ status: manual
++
++ - id: SYS.1.3.A17
++ title: Additional Kernel Protection
++ levels:
++ - elevated
++ description: |-
++ (1) Specially hardened kernels (e.g. grsecurity, PaX) and appropriate protective safeguards such as
++ memory protection or file system protection SHOULD be implemented to prevent
++ exploitation of vulnerabilities and propagation in operating systems.
++ notes: |-
++ Section 1: Red Hat does not provide specifically hardened kernels. If using them, please be
++ aware of the support policy for 3rd Party software (https://access.redhat.com/third-party-software-support).
++ status: does not meet
++ rules: []
+diff --git a/products/almalinux9/controls/ccn_rhel9.yml b/products/almalinux9/controls/ccn_rhel9.yml
+new file mode 100644
+index 000000000..3233252f5
+--- /dev/null
++++ b/products/almalinux9/controls/ccn_rhel9.yml
+@@ -0,0 +1,844 @@
++---
++policy: CCN-STIC-610A22
++title: Security Profile Application Guide for Red Hat Enterprise Linux 9
++id: ccn_rhel9
++version: '2022-10'
++source: https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html
++
++levels:
++ - id: basic
++ - id: intermediate
++ inherits_from:
++ - basic
++ - id: advanced
++ inherits_from:
++ - intermediate
++
++reference_type: ccn
++product: rhel9
++
++controls:
++ - id: reload_dconf_db
++ title: Reload Dconf Database
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ notes: |-
++ This is a helper rule to reload Dconf database correctly.
++ status: automated
++ rules:
++ - dconf_db_up_to_date
++
++ - id: enable_authselect
++ title: Enable Authselect
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ notes: |-
++ The policy doesn't have any section where this would fit better.
++ status: automated
++ rules:
++ - var_authselect_profile=sssd
++ - enable_authselect
++
++ - id: A.3.SEC-RHEL1
++ title: Session Initiation is Audited
++ original_title: Se auditan los inicios de sesión.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - audit_rules_session_events_utmp
++ - audit_rules_session_events_btmp
++ - audit_rules_session_events_wtmp
++ - audit_rules_login_events_faillock
++ - audit_rules_login_events_lastlog
++
++ - id: A.3.SEC-RHEL2
++ title: Control Who Can Access Security and Audit Logs
++ original_title: Se controla quien puede acceder a los registros de seguridad y auditoría.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - file_permissions_var_log_audit
++ - file_ownership_var_log_audit
++ - file_group_ownership_var_log_audit
++ - directory_permissions_var_log_audit
++
++ - id: A.3.SEC-RHEL3
++ title: System Time Change is Controlled
++ original_title: Se controla el cambio de hora del sistema.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - package_chrony_installed
++ - chronyd_specify_remote_server
++ - chronyd_run_as_chrony_user
++ - var_multiple_time_servers=rhel
++
++ - id: A.3.SEC-RHEL4
++ title: Control Who Can Generate or Modify Audit Rules
++ original_title: Se controla quién puede generar o modificar reglas de audit.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - file_permissions_audit_configuration
++ - file_ownership_audit_configuration
++ - file_groupownership_audit_configuration
++
++ - id: A.3.SEC-RHEL5
++ title: A Detailed Audit Has Been Implemented Based on Subcategories
++ original_title: Se ha implementado la auditoría detallada basada en subcategorías.
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ It is not clear the intention of this requirement since there is no definition of these
++ subcategories. The project has many audit related rules. Clarifying these subcategories
++ we can select the proper rules.
++
++ - id: A.3.SEC-RHEL6
++ title: At Least 90 Days of Activity Logs Are Guaranteed
++ original_title: Se garantiza al menos 90 días de registros de actividad.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - auditd_data_retention_max_log_file_action
++ - var_auditd_max_log_file_action=keep_logs
++
++ - id: A.3.SEC-RHEL7
++ title: Modifications to the Sudoers File Are Audited, As Are Changes to Permissions, Users, Groups,
++ and Passwords
++ original_title: Se auditan las modificaciones del fichero sudoers, así como los cambios en permisos,
++ usuarios, grupos y contraseñas.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - audit_sudo_log_events
++ - audit_rules_usergroup_modification_group
++ - audit_rules_usergroup_modification_gshadow
++ - audit_rules_usergroup_modification_opasswd
++ - audit_rules_usergroup_modification_passwd
++ - audit_rules_usergroup_modification_shadow
++ - audit_rules_sysadmin_actions
++ - audit_rules_dac_modification_chmod
++ - audit_rules_dac_modification_chown
++ - audit_rules_dac_modification_fchmod
++ - audit_rules_dac_modification_fchmodat
++ - audit_rules_dac_modification_fchown
++ - audit_rules_dac_modification_fchownat
++ - audit_rules_dac_modification_fremovexattr
++ - audit_rules_dac_modification_fsetxattr
++ - audit_rules_dac_modification_lchown
++ - audit_rules_dac_modification_lremovexattr
++ - audit_rules_dac_modification_lsetxattr
++ - audit_rules_dac_modification_removexattr
++ - audit_rules_dac_modification_setxattr
++
++ - id: A.3.SEC-RHEL8
++ title: Changes to Cron Settings and Scheduled Tasks Including Startup Scripts Are Audited
++ original_title: Se auditan los cambios en la configuración de Cron y en tareas programadas incluyendo
++ los de scripts de inicio.
++ levels:
++ - advanced
++ status: pending
++ notes: |-
++ Some possible rules were included here but it is not clear if the requirement intends to
++ check more than these rules. We can see if more related rules are available in the project
++ and include everything that makes sense in the context of cron and chrony.
++ related_rules:
++ - audit_rules_time_adjtimex
++ - audit_rules_time_settimeofday
++ - audit_rules_time_clock_settime
++ - audit_rules_time_stime
++ - audit_rules_time_watch_localtime
++
++ - id: A.3.SEC-RHEL9
++ title: Attempts to Access Critical Items Are Audited
++ original_title: Se auditan los intentos de acceso a elementos críticos.
++ levels:
++ - advanced
++ status: automated
++ rules:
++ - audit_rules_unsuccessful_file_modification_creat
++ - audit_rules_unsuccessful_file_modification_ftruncate
++ - audit_rules_unsuccessful_file_modification_open
++ - audit_rules_unsuccessful_file_modification_openat
++ - audit_rules_unsuccessful_file_modification_truncate
++
++ - id: A.3.SEC-RHEL10
++ title: All Mount Operations on the System and Changes to the Swap Are Audited
++ original_title: Se audita toda operación de montaje en el sistema y modificaciones en la memoria
++ de intercambio.
++ levels:
++ - intermediate
++ - advanced
++ status: partial
++ notes: |-
++ We probably have audit related rule to monitor mount related syscalls, but it is not clear
++ about the swap. Is the intention to monitor when swap is changed?
++ rules:
++ - audit_rules_media_export
++
++ - id: A.3.SEC-RHEL11
++ title: Modifications in PAM Files Are Audited
++ original_title: Se auditan modificaciones en ficheros PAM.
++ levels:
++ - advanced
++ status: pending
++ notes: |-
++ The intention here is probably to audit changes in /etc/pam.d files, but we need to confirm
++ this assumption and get more context.
++
++ - id: A.4.SEC-RHEL1
++ title: Common Users Do Dot Have Local Administrator Permissions and Are Not Included in a Sudo
++ Group
++ original_title: Los usuarios estándar no disponen de permisos de administrador local ni se encuentran
++ incluidos en un grupo sudoer.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ It is a little tricky to interpret this requirement. Assuming the "Common users" are actually
++ interactive users, this requirement would automatically enforce all admin actions to be
++ performed only by the root user. I am not sure if this is the intetion here.
++
++ - id: A.4.SEC-RHEL2
++ title: The System Has an Updated Antivirus
++ original_title: El sistema tiene un antivirus y este está actualizado.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ New templated rule is necessary to install the package. But to ensure the chosen antivirus
++ is actually updated would demand a more complex rule. Maybe this requirement can have at
++ leastthe partial status after the templated rule.
++
++ - id: A.4.SEC-RHEL3
++ title: Permissions by Partitions Are Modified
++ original_title: Se modifican los permisos por particiones.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ Related to nosuid, noexec and nodev options but in /boot. More context is needed.
++
++ - id: A.5.SEC-RHEL1
++ title: Login and Impersonation Permissions Are Controlled
++ original_title: Se controlan los permisos de inicio de sesión y suplantación de identidad.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - sudo_add_use_pty
++ - use_pam_wheel_for_su
++
++ - id: A.5.SEC-RHEL2
++ title: Elevation Attempts Are Controlled by Defining Users and Sudoer Groups
++ original_title: Se controlan los intentos de elevación mediante definición de usuarios y grupos
++ sudoers.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - sudo_require_authentication
++ - sudo_require_reauthentication
++
++ - id: A.5.SEC-RHEL3
++ title: Access to Encryption Keys is Controlled
++ original_title: Se controla el acceso a las claves de cifrado.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ There are rules for ssh_keys, for example. We need to confirm the scope of this requirement
++
++ - id: A.5.SEC-RHEL4
++ title: Disable Insecure Encryption Algorithms
++ original_title: Se han deshabilitado los algoritmos de cifrado inseguros.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - configure_crypto_policy
++ - var_system_crypto_policy=default_policy
++
++ - id: A.5.SEC-RHEL5
++ title: Recurring Password Change is Required
++ original_title: Se exige el cambio de contraseña de forma recurrente.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - accounts_maximum_age_login_defs
++ - accounts_minimum_age_login_defs
++ - accounts_password_set_max_life_existing
++ - accounts_password_set_min_life_existing
++ - accounts_password_set_warn_age_existing
++ - accounts_password_warn_age_login_defs
++ - var_accounts_maximum_age_login_defs=45
++ - var_accounts_minimum_age_login_defs=2
++ - var_accounts_password_warn_age_login_defs=10
++
++ - id: A.5.SEC-RHEL6
++ title: Secure Protocols Are Used For the Network Authentication Processes
++ original_title: Se hace uso de protocolos seguros para los procesos de autenticación de red.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - configure_ssh_crypto_policy
++
++ - id: A.5.SEC-RHEL7
++ title: Network Session Inactivity is Controlled
++ original_title: Se controla la inactividad de la sesión de red.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - sshd_idle_timeout_value=15_minutes
++ - sshd_set_idle_timeout
++ - sshd_set_keepalive
++ - var_sshd_set_keepalive=1
++
++ - id: A.5.SEC-RHEL8
++ title: Local and Remote Console Inactivity is Controlled
++ original_title: Se controla la inactividad de consola local y remota.
++ levels:
++ - advanced
++ status: automated
++ rules:
++ - accounts_tmout
++ - var_accounts_tmout=5_min
++
++ - id: A.6.SEC-RHEL1
++ title: The Security of Sensitive System Objects is Reinforced
++ original_title: Se refuerza la seguridad de los objetos sensibles del sistema.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - grub2_enable_selinux
++ - package_libselinux_installed
++ - selinux_policytype
++ - selinux_state
++ - var_selinux_policy_name=targeted
++ - var_selinux_state=enforcing
++
++ - id: A.6.SEC-RHEL2
++ title: Access in Recovery Mode Including Grub Boot Modification Mode is Restricted
++ original_title: Se restringen accesos en modo recuperación incluido el modo modificación de inicio
++ de grub.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - file_groupowner_grub2_cfg
++ - file_groupowner_user_cfg
++ - file_owner_grub2_cfg
++ - file_owner_user_cfg
++ - file_permissions_grub2_cfg
++ - file_permissions_user_cfg
++
++ - id: A.6.SEC-RHEL3
++ title: Service Users Shell is Limited to "/bin/false"
++ original_title: Se limita la shell de usuarios de servicio a "/bin/false".
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ notes: |-
++ "/sbin/nologin" might be a better option
++ rules:
++ - no_password_auth_for_systemaccounts
++ - no_shelllogin_for_systemaccounts
++
++ - id: A.6.SEC-RHEL4
++ title: The Use of Sessions With the "root" User is Restricted
++ original_title: Se restringe el uso de sesiones con usuario "root".
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - ensure_root_password_configured
++ - no_empty_passwords_etc_shadow
++
++ - id: A.6.SEC-RHEL5
++ title: The Global System Mask is Modified To Be More Restrictive
++ original_title: Se modifica la máscara global del sistema para ser más restrictiva.
++ levels:
++ - advanced
++ status: automated
++ rules:
++ - accounts_umask_etc_bashrc
++ - accounts_umask_etc_login_defs
++ - accounts_umask_etc_profile
++ - var_accounts_user_umask=027
++
++ - id: A.6.SEC-RHEL6
++ title: Unnecessary Groups and Users are Removed From the System
++ original_title: Se eliminan los grupos y usuarios innecesarios del sistema.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: manual
++
++ - id: A.8.SEC-RHEL1
++ title: Control Who Can Install Software on the System
++ original_title: Se controla quién puede instalar software en el sistema.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++
++ - id: A.8.SEC-RHEL2
++ title: The Operating System is Updated
++ original_title: El sistema operativo está actualizado.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: manual
++ related_rules:
++ - security_patches_up_to_date
++
++ - id: A.8.SEC-RHEL3
++ title: The System Has an Activated Local Firewall
++ original_title: El sistema tiene un firewall local activado.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - firewalld_loopback_traffic_restricted
++ - firewalld_loopback_traffic_trusted
++ - service_firewalld_enabled
++ - package_firewalld_installed
++ - service_nftables_disabled
++ - set_firewalld_default_zone
++
++ - id: A.8.SEC-RHEL4
++ title: Unnecessary Services are Disabled, Reducing the Attack Surface
++ original_title: Se deshabilitan servicios innecesarios, reduciendo la superficie de exposición.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - kernel_module_squashfs_disabled
++ - kernel_module_udf_disabled
++ - package_bind_removed
++ - package_cyrus-imapd_removed
++ - package_dovecot_removed
++ - package_net-snmp_removed
++ - package_squid_removed
++ - package_telnet-server_removed
++ - package_tftp-server_removed
++ - package_vsftpd_removed
++
++ - id: A.8.SEC-RHEL5
++ title: Application Execution is Controlled
++ original_title: Se controla la ejecución de aplicaciones.
++ levels:
++ - advanced
++ status: pending
++ notes: |-
++ This might be related to SELinux or fapolicyd.
++ We need more context to confirm the intention of this requirement
++
++ - id: A.8.SEC-RHEL6
++ title: Anti-Ransomware Measures are Enabled
++ original_title: Se dispone de medidas anti ransomware habilitadas.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: partial
++ notes: |-
++ These are mentioned to be reviewed but not enforced:
++ # net.ipv4.icmp_echo_ignore_all = 1
++ # net.ipv4.tcp_timestamps = 0
++ # net.ipv4.tcp_max_syn_backlog = 1280
++ # sysctl_net_ipv6_conf_all_disable_ipv6
++ # sysctl_net_ipv6_conf_default_disable_ipv6
++ rules:
++ - sysctl_net_ipv4_conf_all_send_redirects
++ - sysctl_net_ipv4_conf_all_accept_redirects
++ - sysctl_net_ipv4_conf_all_secure_redirects
++ - sysctl_net_ipv4_conf_all_accept_source_route
++ - sysctl_net_ipv4_conf_all_log_martians
++ - sysctl_net_ipv4_conf_default_send_redirects
++ - sysctl_net_ipv4_conf_default_accept_redirects
++ - sysctl_net_ipv4_conf_default_secure_redirects
++ - sysctl_net_ipv4_conf_default_accept_source_route
++ - sysctl_net_ipv4_conf_default_log_martians
++ - sysctl_net_ipv4_icmp_ignore_bogus_error_responses
++ - sysctl_net_ipv4_icmp_echo_ignore_broadcasts
++ - sysctl_net_ipv4_tcp_syncookies
++ - sysctl_net_ipv6_conf_all_accept_source_route
++ - sysctl_net_ipv6_conf_all_accept_redirects
++ - sysctl_net_ipv6_conf_all_accept_ra
++ - sysctl_net_ipv6_conf_default_accept_source_route
++ - sysctl_net_ipv6_conf_default_accept_redirects
++ - sysctl_net_ipv6_conf_default_accept_ra
++ - sysctl_fs_suid_dumpable
++ - sysctl_net_ipv4_ip_forward
++ - sysctl_net_ipv4_conf_all_rp_filter
++ - sysctl_net_ipv4_conf_default_rp_filter
++
++ - id: A.8.SEC-RHEL7
++ title: Password Encrypted Boot That Prevents Modification is Enabled (Protected GRUB)
++ original_title: Está habilitado el arranque cifrado con contraseña que evite modificaciones (GRUB
++ protegido).
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - grub2_password
++
++ - id: A.8.SEC-RHEL8
++ title: File Download is Audited
++ original_title: Se audita la descarga de archivos.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ Is it related to downloads from the Internet to the system or from the system to an external
++ storage, for example?
++ related_rules:
++ - audit_rules_file_deletion_events_rename
++ - audit_rules_file_deletion_events_renameat
++ - audit_rules_file_deletion_events_unlink
++ - audit_rules_file_deletion_events_unlinkat
++
++ - id: A.8.SEC-RHEL9
++ title: System Compilers are Disabled
++ original_title: Están deshabilitados los compiladores del sistema.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ Maybe simply removing the packages is enough.
++
++ - id: A.11.SEC-RHEL1
++ title: Local Log On To the System is Controlled
++ original_title: Se controla el inicio de sesión local en el sistema.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ Is it related to TTY access, physical access, local users authentication, etc?
++ It is not not clear the scope.
++
++ - id: A.11.SEC-RHEL2
++ title: The Security of the SSH Protocol is Strengthened
++ original_title: Se ha reforzado la seguridad del protocolo SSH.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - sshd_limit_user_access
++
++ - id: A.11.SEC-RHEL3
++ title: A Robust Credential Policy is In Place
++ original_title: Se dispone de una política de credenciales robusta.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - accounts_password_pam_minclass
++ - accounts_password_pam_minlen
++ - accounts_password_pam_retry
++ - var_password_pam_minclass=4
++ - var_password_pam_minlen=14
++
++ - id: A.11.SEC-RHEL4
++ title: During Login, the System Displays a Text in Compliance With the Organization's Standards
++ or Directives
++ original_title: Durante el inicio de sesión, el sistema muestra un texto en cumplimiento con las
++ normas o directivas de la organización.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - banner_etc_issue
++ - banner_etc_issue_net
++ - banner_etc_motd
++ - dconf_gnome_banner_enabled
++ - dconf_gnome_login_banner_text
++ - sshd_enable_warning_banner_net
++ - login_banner_text=cis_banners
++ - motd_banner_text=cis_banners
++ - remote_login_banner_text=cis_banners
++
++ - id: A.11.SEC-RHEL5
++ title: Network Acess to the System is Controlled
++ original_title: Se controla el acceso al sistema a través de la red.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: manual
++ related_rules:
++ - configure_firewalld_ports
++
++ - id: A.11.SEC-RHEL6
++ title: Only Strong Encryption Algorithms are Allowed in Accesses to the System
++ original_title: Sólo se permiten algoritmos de cifrado robustos en accesos al sistema.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ notes: |-
++ It overlaps the rule in A.5.SEC-RHEL6 requirement
++ related_rules:
++ - configure_ssh_crypto_policy
++
++ - id: A.11.SEC-RHEL7
++ title: GUI Idle Time is Limited
++ original_title: Se limita el tiempo de inactividad del GUI.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - dconf_gnome_screensaver_idle_delay
++ - dconf_gnome_screensaver_lock_delay
++ - inactivity_timeout_value=5_minutes
++ - var_screensaver_lock_delay=immediate
++
++ - id: A.11.SEC-RHEL8
++ title: A Dissuasive Banner is Displayed
++ original_title: Se muestra un banner disuasorio.
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ It seems to duplicate the A.11.SEC-RHEL4 requirement
++
++ - id: A.11.SEC-RHEL9
++ title: The User List is Disabled
++ original_title: Se deshabilita la lista de usuarios.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - dconf_gnome_disable_user_list
++
++ - id: A.11.SEC-RHEL10
++ title: File History is Disabled
++ original_title: Se deshabilita recordar el historial de ficheros.
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ New rules might be necessary.
++
++ - id: A.11.SEC-RHEL11
++ title: Key Combination to Launch GTK Inspector is Disabled
++ original_title: Se deshabilita combinación de teclas para iniciar el inspector GTK
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ New rules might be necessary.
++
++ - id: A.11.SEC-RHEL12
++ title: Auto-Mounting of Removable Devices on the System is Disabled
++ original_title: Se deshabilita el auto montaje de dispositivos extraíbles en el sistema.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - dconf_gnome_disable_automount
++ - dconf_gnome_disable_automount_open
++ - dconf_gnome_disable_autorun
++
++ - id: A.15.SEC-RHEL1
++ title: The Use of Removable Storage Media is Controlled
++ original_title: Se controla el uso de medios de almacenamiento extraíbles.
++ levels:
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - kernel_module_usb-storage_disabled
++
++ - id: A.19.SEC-RHEL1
++ title: Access to the Folder and File Tree is Controlled
++ original_title: Se controla el acceso al árbol de carpetas y ficheros.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ More context should be provided to clarify this requirement
++
++ - id: A.19.SEC-RHEL2
++ title: Measures Are Applied to Protect Accounts
++ original_title: Se aplican medidas para la protección de las cuentas.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ This is already covered by other requirements. Maybe more rules could be included here.
++
++ - id: A.19.SEC-RHEL3
++ title: A Robust Algorithm and Password Complexity Are Enabled
++ original_title: Está habilitado un algoritmo robusto y la complejidad de contraseñas.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - set_password_hashing_algorithm_systemauth
++ - set_password_hashing_algorithm_passwordauth
++ - set_password_hashing_algorithm_logindefs
++ - var_password_hashing_algorithm=SHA512
++ - var_password_hashing_algorithm_pam=sha512
++
++ - id: A.23.SEC-RHEL1
++ title: The Installation And Use of Any Device Connected to the Equipment is Controlled
++ original_title: Se controla la instalación y uso de cualquier dispositivo conectado al equipo.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: automated
++ rules:
++ - package_usbguard_installed
++ - service_usbguard_enabled
++ - usbguard_generate_policy
++
++ - id: A.23.SEC-RHEL2
++ title: The Dynamic Mounting and Unmounting of File Systems is Restricted
++ original_title: Se restringe el montaje y desmontaje dinámico de sistemas de archivos.
++ levels:
++ - basic
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ It seems to duplicate the A.11.SEC-RHEL12 requirement.
++
++ - id: A.24.SEC-RHEL1
++ title: Privileges That Affect System Performance Are Controlled
++ original_title: Se controlan los privilegios que afectan al rendimiento del sistema.
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ notes: |-
++ Is it about system limits?
++
++ - id: A.24.SEC-RHEL2
++ title: Control Who Can Turn Off the System
++ original_title: Se controla quien puede apagar el sistema.
++ levels:
++ - intermediate
++ - advanced
++ status: pending
++ related_rules:
++ - disable_ctrlaltdel_burstaction
++ - disable_ctrlaltdel_reboot
++
++ - id: A.25.SEC-RHEL1
++ title: System Disk is Encrypted
++ original_title: El disco del sistema está cifrado.
++ levels:
++ - advanced
++ status: automated
++ rules:
++ - encrypt_partitions
++ - package_cryptsetup-luks_installed
++
++ - id: A.25.SEC-RHEL2
++ title: The Data Disk is Encrypted
++ original_title: El disco de datos está cifrado.
++ levels:
++ - advanced
++ status: automated
++ notes: |-
++ The rules in this requirement overlaps the A.25.SEC-RHEL1 requirement
++ related_rules:
++ - package_cryptsetup-luks_installed
++ - encrypt_partitions
++
++ - id: A.30.SEC-RHEL1
++ title: There Is an Account Lockout Policy for Incorrect Logins
++ original_title: Existe una política de bloqueo de cuentas ante inicios de sesión incorrectos.
++ levels:
++ - advanced
++ status: automated
++ rules:
++ - accounts_passwords_pam_faillock_deny
++ - accounts_passwords_pam_faillock_unlock_time
++ - var_accounts_passwords_pam_faillock_deny=8
++ - var_accounts_passwords_pam_faillock_unlock_time=never
+diff --git a/products/almalinux9/controls/cis_rhel9.yml b/products/almalinux9/controls/cis_rhel9.yml
+new file mode 100644
+index 000000000..e5b03ac75
+--- /dev/null
++++ b/products/almalinux9/controls/cis_rhel9.yml
+@@ -0,0 +1,3112 @@
++---
++policy: 'CIS Benchmark for Red Hat Enterprise Linux 9'
++title: 'CIS Benchmark for Red Hat Enterprise Linux 9'
++id: cis_rhel9
++version: '2.0.0'
++source: https://www.cisecurity.org/cis-benchmarks/#red_hat_linux
++
++levels:
++ - id: l1_server
++ - id: l2_server
++ inherits_from:
++ - l1_server
++ - id: l1_workstation
++ - id: l2_workstation
++ inherits_from:
++ - l1_workstation
++
++reference_type: cis
++product: rhel9
++
++controls:
++ - id: reload_dconf_db
++ title: Reload Dconf database
++ levels:
++ - l1_server
++ - l1_workstation
++ notes: |-
++ This is a helper rule to reload Dconf database correctly.
++ status: automated
++ rules:
++ - dconf_db_up_to_date
++
++ - id: enable_authselect
++ title: Enable Authselect
++ levels:
++ - l1_server
++ - l1_workstation
++ notes: |-
++ We need this in all CIS versions, but the policy doesn't have any section where this
++ would fit better.
++ status: automated ++ rules: ++ - var_authselect_profile=sssd ++ - enable_authselect ++ ++ - id: 1.1.1.1 ++ title: Ensure cramfs kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - kernel_module_cramfs_disabled ++ ++ - id: 1.1.1.2 ++ title: Ensure freevxfs kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - kernel_module_freevxfs_disabled ++ ++ - id: 1.1.1.3 ++ title: Ensure hfs kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - kernel_module_hfs_disabled ++ ++ - id: 1.1.1.4 ++ title: Ensure hfsplus kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - kernel_module_hfsplus_disabled ++ ++ - id: 1.1.1.5 ++ title: Ensure jffs2 kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - kernel_module_jffs2_disabled ++ ++ - id: 1.1.1.6 ++ title: Ensure squashfs kernel module is not available (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_squashfs_disabled ++ ++ - id: 1.1.1.7 ++ title: Ensure udf kernel module is not available (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_udf_disabled ++ ++ - id: 1.1.1.8 ++ title: Ensure usb-storage kernel module is not available (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_usb-storage_disabled ++ ++ - id: 1.1.1.9 ++ title: Ensure unused filesystems kernel modules are not available (Manual) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: manual ++ ++ - id: 1.1.2.1.1 ++ title: Ensure /tmp is a separate partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ 
rules: ++ - partition_for_tmp ++ ++ - id: 1.1.2.1.2 ++ title: Ensure nodev option set on /tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_tmp_nodev ++ ++ - id: 1.1.2.1.3 ++ title: Ensure nosuid option set on /tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_tmp_nosuid ++ ++ - id: 1.1.2.1.4 ++ title: Ensure noexec option set on /tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_tmp_noexec ++ ++ - id: 1.1.2.2.1 ++ title: Ensure /dev/shm is a separate partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - partition_for_dev_shm ++ ++ - id: 1.1.2.2.2 ++ title: Ensure nodev option set on /dev/shm partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_dev_shm_nodev ++ ++ - id: 1.1.2.2.3 ++ title: Ensure nosuid option set on /dev/shm partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_dev_shm_nosuid ++ ++ - id: 1.1.2.2.4 ++ title: Ensure noexec option set on /dev/shm partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_dev_shm_noexec ++ ++ - id: 1.1.2.3.1 ++ title: Ensure separate partition exists for /home (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - partition_for_home ++ ++ - id: 1.1.2.3.2 ++ title: Ensure nodev option set on /home partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_home_nodev ++ ++ - id: 1.1.2.3.3 ++ title: Ensure nosuid option set on /home partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_home_nosuid ++ ++ - id: 1.1.2.4.1 ++ 
title: Ensure separate partition exists for /var (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - partition_for_var ++ ++ - id: 1.1.2.4.2 ++ title: Ensure nodev option set on /var partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_nodev ++ ++ - id: 1.1.2.4.3 ++ title: Ensure nosuid option set on /var partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_nosuid ++ ++ - id: 1.1.2.5.1 ++ title: Ensure separate partition exists for /var/tmp (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - partition_for_var_tmp ++ ++ - id: 1.1.2.5.2 ++ title: Ensure nodev option set on /var/tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_tmp_nodev ++ ++ - id: 1.1.2.5.3 ++ title: Ensure nosuid option set on /var/tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_tmp_nosuid ++ ++ - id: 1.1.2.5.4 ++ title: Ensure noexec option set on /var/tmp partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_tmp_noexec ++ ++ - id: 1.1.2.6.1 ++ title: Ensure separate partition exists for /var/log (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - partition_for_var_log ++ ++ - id: 1.1.2.6.2 ++ title: Ensure nodev option set on /var/log partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_nodev ++ ++ - id: 1.1.2.6.3 ++ title: Ensure nosuid option set on /var/log partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_nosuid ++ ++ - id: 1.1.2.6.4 ++ title: Ensure noexec option set on 
/var/log partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_noexec ++ ++ - id: 1.1.2.7.1 ++ title: Ensure separate partition exists for /var/log/audit (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - partition_for_var_log_audit ++ ++ - id: 1.1.2.7.2 ++ title: Ensure nodev option set on /var/log/audit partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_audit_nodev ++ ++ - id: 1.1.2.7.3 ++ title: Ensure nosuid option set on /var/log/audit partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_audit_nosuid ++ ++ - id: 1.1.2.7.4 ++ title: Ensure noexec option set on /var/log/audit partition (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - mount_option_var_log_audit_noexec ++ ++ - id: 1.2.1.1 ++ title: Ensure GPG keys are configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - ensure_redhat_gpgkey_installed ++ ++ - id: 1.2.1.2 ++ title: Ensure gpgcheck is globally activated (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - ensure_gpgcheck_globally_activated ++ - ensure_gpgcheck_never_disabled ++ ++ - id: 1.2.1.3 ++ title: Ensure repo_gpgcheck is globally activated (Manual) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: manual ++ ++ - id: 1.2.1.4 ++ title: Ensure package manager repositories are configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 1.2.2.1 ++ title: Ensure updates, patches, and additional security software are installed (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - security_patches_up_to_date ++ ++ - id: 1.3.1.1 ++ title: Ensure SELinux is installed 
(Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_libselinux_installed ++ ++ - id: 1.3.1.2 ++ title: Ensure SELinux is not disabled in bootloader configuration (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - grub2_enable_selinux ++ ++ - id: 1.3.1.3 ++ title: Ensure SELinux policy is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - var_selinux_policy_name=targeted ++ - selinux_policytype ++ ++ - id: 1.3.1.4 ++ title: Ensure the SELinux mode is not disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - selinux_not_disabled ++ ++ - id: 1.3.1.5 ++ title: Ensure the SELinux mode is enforcing (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - var_selinux_state=enforcing ++ - selinux_state ++ ++ - id: 1.3.1.6 ++ title: Ensure no unconfined services exist (Manual) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: manual ++ related_rules: ++ - selinux_confinement_of_daemons ++ ++ - id: 1.3.1.7 ++ title: Ensure the MCS Translation Service (mcstrans) is not installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_mcstrans_removed ++ ++ - id: 1.3.1.8 ++ title: Ensure SETroubleshoot is not installed (Automated) ++ levels: ++ - l1_server ++ status: automated ++ rules: ++ - package_setroubleshoot_removed ++ ++ - id: 1.4.1 ++ title: Ensure bootloader password is set (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ RHEL9 unified the paths for grub2 files. ++ rules: ++ - grub2_password ++ related_rules: ++ - grub2_uefi_password ++ ++ - id: 1.4.2 ++ title: Ensure access to bootloader config is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ RHEL9 unified the paths for grub2 files. 
This requirement demands a deeper review of ++ the rules. ++ rules: ++ - file_groupowner_grub2_cfg ++ - file_owner_grub2_cfg ++ - file_permissions_grub2_cfg ++ - file_groupowner_user_cfg ++ - file_owner_user_cfg ++ - file_permissions_user_cfg ++ related_rules: ++ - file_groupowner_efi_grub2_cfg ++ - file_owner_efi_grub2_cfg ++ - file_permissions_efi_grub2_cfg ++ - file_groupowner_efi_user_cfg ++ - file_owner_efi_user_cfg ++ - file_permissions_efi_user_cfg ++ ++ - id: 1.5.1 ++ title: Ensure address space layout randomization is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Address Space Layout Randomization (ASLR) ++ rules: ++ - sysctl_kernel_randomize_va_space ++ ++ - id: 1.5.2 ++ title: Ensure ptrace_scope is restricted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_kernel_yama_ptrace_scope ++ ++ - id: 1.5.3 ++ title: Ensure core dump backtraces are disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - coredump_disable_backtraces ++ ++ - id: 1.5.4 ++ title: Ensure core dump storage is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - coredump_disable_storage ++ ++ - id: 1.6.1 ++ title: Ensure system wide crypto policy is not set to legacy (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 1.6.2 ++ title: Ensure system wide crypto policy is not set in sshd configuration (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_ssh_crypto_policy ++ ++ - id: 1.6.3 ++ title: Ensure system wide crypto policy disables sha1 hash and signature support (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 1.6.4 ++ title: Ensure system wide 
crypto policy disables macs less than 128 bits (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 1.6.5 ++ title: Ensure system wide crypto policy disables cbc for ssh (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 1.6.6 ++ title: Ensure system wide crypto policy disables chacha20-poly1305 for ssh (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ notes: |- ++ User should manually ensure that CVE-2023-48795 is addressed. ++ This is not automated and it might be difficult to automate actually. ++ Therefore, keeping this control as manual. ++ - id: 1.6.7 ++ title: Ensure system wide crypto policy disables EtM for ssh (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 1.7.1 ++ title: Ensure message of the day is configured properly (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - banner_etc_motd_cis ++ - cis_banner_text=cis ++ ++ - id: 1.7.2 ++ title: Ensure local login warning banner is configured properly (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - banner_etc_issue_cis ++ - cis_banner_text=cis ++ ++ - id: 1.7.3 ++ title: Ensure remote login warning banner is configured properly (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - banner_etc_issue_net_cis ++ - cis_banner_text=cis ++ ++ - id: 1.7.4 ++ title: Ensure access to /etc/motd is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_motd ++ - file_owner_etc_motd ++ - file_permissions_etc_motd ++ ++ - id: 1.7.5 ++ title: Ensure access to /etc/issue is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - 
file_groupowner_etc_issue ++ - file_owner_etc_issue ++ - file_permissions_etc_issue ++ ++ - id: 1.7.6 ++ title: Ensure access to /etc/issue.net is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_issue_net ++ - file_owner_etc_issue_net ++ - file_permissions_etc_issue_net ++ ++ - id: 1.8.1 ++ title: Ensure GNOME Display Manager is removed (Automated) ++ levels: ++ - l2_server ++ status: automated ++ rules: ++ - package_gdm_removed ++ ++ - id: 1.8.2 ++ title: Ensure GDM login banner is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_banner_enabled ++ - dconf_gnome_login_banner_text ++ - login_banner_text=cis_banners ++ ++ - id: 1.8.3 ++ title: Ensure GDM disable-user-list option is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_disable_user_list ++ ++ - id: 1.8.4 ++ title: Ensure GDM screen locks when the user is idle (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_screensaver_idle_delay ++ - dconf_gnome_screensaver_lock_delay ++ - inactivity_timeout_value=15_minutes ++ - var_screensaver_lock_delay=5_seconds ++ ++ - id: 1.8.5 ++ title: Ensure GDM screen locks cannot be overridden (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_session_idle_user_locks ++ - dconf_gnome_screensaver_user_locks ++ ++ - id: 1.8.6 ++ title: Ensure GDM automatic mounting of removable media is disabled (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - dconf_gnome_disable_automount ++ - dconf_gnome_disable_automount_open ++ ++ - id: 1.8.7 ++ title: Ensure GDM disabling automatic mounting of removable media is not overridden (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - 
dconf_gnome_disable_automount ++ - dconf_gnome_disable_automount_open ++ ++ - id: 1.8.8 ++ title: Ensure GDM autorun-never is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_disable_autorun ++ ++ - id: 1.8.9 ++ title: Ensure GDM autorun-never is not overridden (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - dconf_gnome_disable_autorun ++ ++ - id: 1.8.10 ++ title: Ensure XDMCP is not enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - gnome_gdm_disable_xdmcp ++ ++ - id: 2.1.1 ++ title: Ensure autofs services are not in use (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - service_autofs_disabled ++ ++ - id: 2.1.2 ++ title: Ensure avahi daemon services are not in use (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - service_avahi-daemon_disabled ++ related_rules: ++ - package_avahi_removed ++ ++ - id: 2.1.3 ++ title: Ensure dhcp server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_dhcp_removed ++ related_rules: ++ - service_dhcpd_disabled ++ ++ - id: 2.1.4 ++ title: Ensure dns server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_bind_removed ++ related_rules: ++ - service_named_disabled ++ ++ - id: 2.1.5 ++ title: Ensure dnsmasq services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_dnsmasq_removed ++ ++ - id: 2.1.6 ++ title: Ensure samba file server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_samba_removed ++ related_rules: ++ - service_smb_disabled ++ ++ - id: 2.1.7 ++ title: Ensure ftp server services are not in 
use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_vsftpd_removed ++ related_rules: ++ - service_vsftpd_disabled ++ ++ - id: 2.1.8 ++ title: Ensure message access server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_dovecot_removed ++ - package_cyrus-imapd_removed ++ related_rules: ++ - service_dovecot_disabled ++ # new rule would be nice to disable cyrus-imapd service ++ ++ - id: 2.1.9 ++ title: Ensure network file system services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Many of the libvirt packages used by Enterprise Linux virtualization are dependent on the ++ nfs-utils package. ++ rules: ++ - service_nfs_disabled ++ related_rules: ++ - package_nfs-utils_removed ++ ++ - id: 2.1.10 ++ title: Ensure nis server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: It appears that the ypserv package was never in RHEL 9. ++ related_rules: ++ - service_ypserv_disabled ++ - package_ypserv_removed ++ ++ - id: 2.1.11 ++ title: Ensure print server services are not in use (Automated) ++ levels: ++ - l1_server ++ status: automated ++ rules: ++ - service_cups_disabled ++ related_rules: ++ - package_cups_removed ++ ++ - id: 2.1.12 ++ title: Ensure rpcbind services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Many of the libvirt packages used by Enterprise Linux virtualization, and the nfs-utils ++ package used for The Network File System (NFS), are dependent on the rpcbind package. 
++ rules: ++ - service_rpcbind_disabled ++ related_rules: ++ - package_rpcbind_removed ++ ++ - id: 2.1.13 ++ title: Ensure rsync services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_rsync_removed ++ related_rules: ++ - service_rsyncd_disabled ++ ++ - id: 2.1.14 ++ title: Ensure snmp services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_net-snmp_removed ++ related_rules: ++ - service_snmpd_disabled ++ ++ - id: 2.1.15 ++ title: Ensure telnet server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_telnet-server_removed ++ related_rules: ++ - service_telnet_disabled ++ ++ - id: 2.1.16 ++ title: Ensure tftp server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_tftp-server_removed ++ related_rules: ++ - service_tftp_disabled ++ ++ - id: 2.1.17 ++ title: Ensure web proxy server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_squid_removed ++ related_rules: ++ - service_squid_disabled ++ ++ - id: 2.1.18 ++ title: Ensure web server services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_httpd_removed ++ - package_nginx_removed ++ related_rules: ++ - service_httpd_disabled ++ # rule would be nice to disable nginx service ++ ++ - id: 2.1.19 ++ title: Ensure xinetd services are not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: The xinetd appears to never have been in RHEL 9. 
++ related_rules: ++ - package_xinetd_removed ++ - service_xinetd_disabled ++ ++ - id: 2.1.20 ++ title: Ensure X window server services are not in use (Automated) ++ levels: ++ - l2_server ++ status: automated ++ notes: |- ++ The rule also configures correct run level to prevent unbootable system. ++ rules: ++ - package_xorg-x11-server-common_removed ++ - xwindows_runlevel_target ++ ++ - id: 2.1.21 ++ title: Ensure mail transfer agents are configured for local-only mode (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - postfix_network_listening_disabled ++ - var_postfix_inet_interfaces=loopback-only ++ - has_nonlocal_mta ++ ++ - id: 2.1.22 ++ title: Ensure only approved services are listening on a network interface (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 2.2.1 ++ title: Ensure ftp client is not installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_ftp_removed ++ ++ - id: 2.2.2 ++ title: Ensure ldap client is not installed (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - package_openldap-clients_removed ++ ++ - id: 2.2.3 ++ title: Ensure nis client is not installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: It appears this package was never in RHEL 9. 
++ related_rules: ++ - package_ypbind_removed ++ ++ - id: 2.2.4 ++ title: Ensure telnet client is not installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_telnet_removed ++ ++ - id: 2.2.5 ++ title: Ensure tftp client is not installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_tftp_removed ++ ++ - id: 2.3.1 ++ title: Ensure time synchronization is in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_chrony_installed ++ ++ - id: 2.3.2 ++ title: Ensure chrony is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - chronyd_specify_remote_server ++ - var_multiple_time_servers=rhel ++ ++ - id: 2.3.3 ++ title: Ensure chrony is not run as the root user (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - chronyd_run_as_chrony_user ++ ++ - id: 2.4.1.1 ++ title: Ensure cron daemon is enabled and active (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_cron_installed ++ - service_crond_enabled ++ ++ - id: 2.4.1.2 ++ title: Ensure permissions on /etc/crontab are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_crontab ++ - file_owner_crontab ++ - file_permissions_crontab ++ ++ - id: 2.4.1.3 ++ title: Ensure permissions on /etc/cron.hourly are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_cron_hourly ++ - file_owner_cron_hourly ++ - file_permissions_cron_hourly ++ ++ - id: 2.4.1.4 ++ title: Ensure permissions on /etc/cron.daily are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_cron_daily ++ - file_owner_cron_daily ++ - file_permissions_cron_daily 
++ ++ - id: 2.4.1.5 ++ title: Ensure permissions on /etc/cron.weekly are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_cron_weekly ++ - file_owner_cron_weekly ++ - file_permissions_cron_weekly ++ ++ - id: 2.4.1.6 ++ title: Ensure permissions on /etc/cron.monthly are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_cron_monthly ++ - file_owner_cron_monthly ++ - file_permissions_cron_monthly ++ ++ - id: 2.4.1.7 ++ title: Ensure permissions on /etc/cron.d are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_cron_d ++ - file_owner_cron_d ++ - file_permissions_cron_d ++ ++ - id: 2.4.1.8 ++ title: Ensure crontab is restricted to authorized users (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_cron_deny_not_exist ++ - file_cron_allow_exists ++ - file_groupowner_cron_allow ++ - file_owner_cron_allow ++ - file_permissions_cron_allow ++ ++ - id: 2.4.2.1 ++ title: Ensure at is restricted to authorized users (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_at_deny_not_exist ++ - file_at_allow_exists ++ - file_groupowner_at_allow ++ - file_owner_at_allow ++ - file_permissions_at_allow ++ ++ - id: 3.1.1 ++ title: Ensure IPv6 status is identified (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 3.1.2 ++ title: Ensure wireless interfaces are disabled (Automated) ++ levels: ++ - l1_server ++ status: automated ++ rules: ++ - wireless_disable_interfaces ++ ++ - id: 3.1.3 ++ title: Ensure bluetooth services are not in use (Automated) ++ levels: ++ - l1_server ++ - l2_workstation ++ status: automated ++ rules: ++ - service_bluetooth_disabled ++ ++ - id: 3.2.1 ++ title: Ensure dccp kernel module is not available (Automated) ++ levels: ++ 
- l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_dccp_disabled ++ ++ - id: 3.2.2 ++ title: Ensure tipc kernel module is not available (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_tipc_disabled ++ ++ - id: 3.2.3 ++ title: Ensure rds kernel module is not available (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_rds_disabled ++ ++ - id: 3.2.4 ++ title: Ensure sctp kernel module is not available (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - kernel_module_sctp_disabled ++ ++ - id: 3.3.1 ++ title: Ensure IP forwarding is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_ip_forward ++ - sysctl_net_ipv6_conf_all_forwarding ++ - sysctl_net_ipv6_conf_all_forwarding_value=disabled ++ ++ - id: 3.3.2 ++ title: Ensure packet redirect sending is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_send_redirects ++ - sysctl_net_ipv4_conf_default_send_redirects ++ ++ - id: 3.3.3 ++ title: Ensure bogus icmp responses are ignored (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_icmp_ignore_bogus_error_responses ++ - sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled ++ ++ - id: 3.3.4 ++ title: Ensure broadcast icmp requests are ignored (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_icmp_echo_ignore_broadcasts ++ - sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled ++ ++ - id: 3.3.5 ++ title: Ensure icmp redirects are not accepted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_accept_redirects ++ - 
sysctl_net_ipv4_conf_all_accept_redirects_value=disabled ++ - sysctl_net_ipv4_conf_default_accept_redirects ++ - sysctl_net_ipv4_conf_default_accept_redirects_value=disabled ++ - sysctl_net_ipv6_conf_all_accept_redirects ++ - sysctl_net_ipv6_conf_all_accept_redirects_value=disabled ++ - sysctl_net_ipv6_conf_default_accept_redirects ++ - sysctl_net_ipv6_conf_default_accept_redirects_value=disabled ++ ++ - id: 3.3.6 ++ title: Ensure secure icmp redirects are not accepted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_secure_redirects ++ - sysctl_net_ipv4_conf_all_secure_redirects_value=disabled ++ - sysctl_net_ipv4_conf_default_secure_redirects ++ - sysctl_net_ipv4_conf_default_secure_redirects_value=disabled ++ ++ - id: 3.3.7 ++ title: Ensure reverse path filtering is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_rp_filter ++ - sysctl_net_ipv4_conf_all_rp_filter_value=enabled ++ - sysctl_net_ipv4_conf_default_rp_filter ++ - sysctl_net_ipv4_conf_default_rp_filter_value=enabled ++ ++ - id: 3.3.8 ++ title: Ensure source routed packets are not accepted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_accept_source_route ++ - sysctl_net_ipv4_conf_all_accept_source_route_value=disabled ++ - sysctl_net_ipv4_conf_default_accept_source_route ++ - sysctl_net_ipv4_conf_default_accept_source_route_value=disabled ++ - sysctl_net_ipv6_conf_all_accept_source_route ++ - sysctl_net_ipv6_conf_all_accept_source_route_value=disabled ++ - sysctl_net_ipv6_conf_default_accept_source_route ++ - sysctl_net_ipv6_conf_default_accept_source_route_value=disabled ++ ++ - id: 3.3.9 ++ title: Ensure suspicious packets are logged (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_conf_all_log_martians ++ - 
sysctl_net_ipv4_conf_all_log_martians_value=enabled ++ - sysctl_net_ipv4_conf_default_log_martians ++ - sysctl_net_ipv4_conf_default_log_martians_value=enabled ++ ++ - id: 3.3.10 ++ title: Ensure tcp syn cookies is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv4_tcp_syncookies ++ - sysctl_net_ipv4_tcp_syncookies_value=enabled ++ ++ - id: 3.3.11 ++ title: Ensure IPv6 router advertisements are not accepted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sysctl_net_ipv6_conf_all_accept_ra ++ - sysctl_net_ipv6_conf_all_accept_ra_value=disabled ++ - sysctl_net_ipv6_conf_default_accept_ra ++ - sysctl_net_ipv6_conf_default_accept_ra_value=disabled ++ ++ - id: 4.1.1 ++ title: Ensure nftables is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_nftables_installed ++ ++ - id: 4.1.2 ++ title: Ensure a single firewall configuration utility is in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - service_firewalld_enabled ++ - package_firewalld_installed ++ - service_nftables_disabled ++ ++ - id: 4.2.1 ++ title: Ensure firewalld drops unnecessary services and ports (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - configure_firewalld_ports ++ ++ - id: 4.2.2 ++ title: Ensure firewalld loopback traffic is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - firewalld_loopback_traffic_trusted ++ - firewalld_loopback_traffic_restricted ++ ++ - id: 4.3.1 ++ title: Ensure nftables base chains exist (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ notes: |- ++ RHEL systems use firewalld for firewall management. 
Although nftables is the default ++ back-end for firewalld, it is not recommended to use nftables directly when firewalld ++ is in use. When using firewalld the base chains are installed by default. ++ related_rules: ++ - set_nftables_base_chain ++ - var_nftables_table=firewalld ++ - var_nftables_family=inet ++ - var_nftables_base_chain_names=chain_names ++ - var_nftables_base_chain_types=chain_types ++ - var_nftables_base_chain_hooks=chain_hooks ++ - var_nftables_base_chain_priorities=chain_priorities ++ - var_nftables_base_chain_policies=chain_policies ++ ++ - id: 4.3.2 ++ title: Ensure nftables established connections are configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 4.3.3 ++ title: Ensure nftables default deny firewall policy (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ notes: |- ++ RHEL systems use firewalld for firewall management. Although nftables is the default ++ back-end for firewalld, it is not recommended to use nftables directly when firewalld ++ is in use. ++ related_rules: ++ - nftables_ensure_default_deny_policy ++ ++ - id: 4.3.4 ++ title: Ensure nftables loopback traffic is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ notes: |- ++ RHEL systems use firewalld for firewall management. Although nftables is the default ++ back-end for firewalld, it is not recommended to use nftables directly when firewalld ++ is in use. 
++ related_rules: ++ - set_nftables_loopback_traffic ++ ++ - id: 5.1.1 ++ title: Ensure permissions on /etc/ssh/sshd_config are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_sshd_config ++ - file_owner_sshd_config ++ - file_permissions_sshd_config ++ ++ - id: 5.1.2 ++ title: Ensure permissions on SSH private host key files are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_permissions_sshd_private_key ++ - file_ownership_sshd_private_key ++ - file_groupownership_sshd_private_key ++ ++ - id: 5.1.3 ++ title: Ensure permissions on SSH public host key files are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_permissions_sshd_pub_key ++ - file_ownership_sshd_pub_key ++ - file_groupownership_sshd_pub_key ++ ++ - id: 5.1.4 ++ title: Ensure sshd Ciphers are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 5.1.5 ++ title: Ensure sshd KexAlgorithms is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ The status was automated but we need to double check the approach used in this rule. ++ Therefore I moved it to pending until deeper investigation. 
++ rules: ++ - sshd_use_strong_kex ++ - sshd_strong_kex=cis_rhel9 ++ ++ - id: 5.1.6 ++ title: Ensure sshd MACs are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - configure_custom_crypto_policy_cis ++ ++ - id: 5.1.7 ++ title: Ensure sshd access is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_limit_user_access ++ ++ - id: 5.1.8 ++ title: Ensure sshd Banner is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_enable_warning_banner_net ++ related_rules: ++ - sshd_enable_warning_banner ++ ++ - id: 5.1.9 ++ title: Ensure sshd ClientAliveInterval and ClientAliveCountMax are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ The requirement gives an example of 45 seconds, but is flexible about the values. It is only ++ necessary to ensure there is a timeout configured in alignment to the site policy. 
++ rules: ++ - sshd_idle_timeout_value=5_minutes ++ - sshd_set_idle_timeout ++ - sshd_set_keepalive ++ - var_sshd_set_keepalive=1 ++ ++ - id: 5.1.10 ++ title: Ensure sshd DisableForwarding is enabled (Automated) ++ levels: ++ - l2_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_disable_forwarding ++ related_rules: ++ - sshd_disable_tcp_forwarding ++ - sshd_disable_x11_forwarding ++ ++ - id: 5.1.11 ++ title: Ensure sshd GSSAPIAuthentication is disabled (Automated) ++ levels: ++ - l2_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Introduced in CIS RHEL9 v2.0.0 ++ rules: ++ - sshd_disable_gssapi_auth ++ ++ - id: 5.1.12 ++ title: Ensure sshd HostbasedAuthentication is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - disable_host_auth ++ ++ - id: 5.1.13 ++ title: Ensure sshd IgnoreRhosts is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_disable_rhosts ++ ++ - id: 5.1.14 ++ title: Ensure sshd LoginGraceTime is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_set_login_grace_time ++ - var_sshd_set_login_grace_time=60 ++ ++ - id: 5.1.15 ++ title: Ensure sshd LogLevel is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ The CIS benchmark is not opinionated about which loglevel is selected here. Here, this ++ profile uses VERBOSE by default, as it allows for the capture of login and logout activity ++ as well as key fingerprints. 
++ rules: ++ - sshd_set_loglevel_verbose ++ related_rules: ++ - sshd_set_loglevel_info ++ ++ - id: 5.1.16 ++ title: Ensure sshd MaxAuthTries is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_max_auth_tries_value=4 ++ - sshd_set_max_auth_tries ++ ++ - id: 5.1.17 ++ title: Ensure sshd MaxStartups is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_set_maxstartups ++ - var_sshd_set_maxstartups=10:30:60 ++ ++ - id: 5.1.18 ++ title: Ensure sshd MaxSessions is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_set_max_sessions ++ - var_sshd_max_sessions=10 ++ ++ - id: 5.1.19 ++ title: Ensure sshd PermitEmptyPasswords is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_disable_empty_passwords ++ ++ - id: 5.1.20 ++ title: Ensure sshd PermitRootLogin is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_disable_root_login ++ ++ - id: 5.1.21 ++ title: Ensure sshd PermitUserEnvironment is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_do_not_permit_user_env ++ ++ - id: 5.1.22 ++ title: Ensure sshd UsePAM is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sshd_enable_pam ++ ++ - id: 5.2.1 ++ title: Ensure sudo is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_sudo_installed ++ ++ - id: 5.2.2 ++ title: Ensure sudo commands use pty (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sudo_add_use_pty ++ ++ - id: 5.2.3 ++ title: Ensure sudo log file exists (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sudo_custom_logfile 
++ ++ - id: 5.2.4 ++ title: Ensure users must provide password for escalation (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - sudo_require_authentication ++ ++ - id: 5.2.5 ++ title: Ensure re-authentication for privilege escalation is not disabled globally (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sudo_require_reauthentication ++ ++ - id: 5.2.6 ++ title: Ensure sudo authentication timeout is configured correctly (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - sudo_require_reauthentication ++ ++ - id: 5.2.7 ++ title: Ensure access to the su command is restricted (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Members of "wheel" or GID 0 groups are checked by default if the group option is not set for ++ pam_wheel.so module. The recommendation states the group should be empty to reinforce the ++ use of "sudo" for privileged access. Therefore, members of these groups should be manually ++ checked or a different group should be informed. ++ rules: ++ - var_pam_wheel_group_for_su=cis ++ - use_pam_wheel_group_for_su ++ - ensure_pam_wheel_group_empty ++ ++ - id: 5.3.1.1 ++ title: Ensure latest version of pam is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ It is necessary a new rule to ensure PAM package is updated. ++ ++ - id: 5.3.1.2 ++ title: Ensure latest version of authselect is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ It is necessary a new rule to ensure authselect package is updated. ++ ++ - id: 5.3.1.3 ++ title: Ensure latest version of libpwquality is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ It is necessary a new rule to ensure libpwquality package is updated. 
++ rules: ++ - package_pam_pwquality_installed ++ ++ - id: 5.3.2.1 ++ title: Ensure active authselect profile includes pam modules (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ notes: |- ++ This requirement is hard to be automated without any specific requirement. The policy even ++ states that provided commands are examples, other custom settings might be in place and the ++ settings might be different depending on site policies. The other rules will already make ++ sure there is a correct autheselect profile regardless of the existing settings. It is ++ necessary to better discuss with CIS Community. ++ related_rules: ++ - no_empty_passwords ++ ++ - id: 5.3.2.2 ++ title: Ensure pam_faillock module is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ This requirement is also indirectly satisfied by the requirement 5.3.3.1. ++ rules: ++ - account_password_pam_faillock_password_auth ++ - account_password_pam_faillock_system_auth ++ ++ - id: 5.3.2.3 ++ title: Ensure pam_pwquality module is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ This requirement is also indirectly satisfied by the requirement 5.3.3.2. ++ related_rules: ++ - package_pam_pwquality_installed ++ ++ - id: 5.3.2.4 ++ title: Ensure pam_pwhistory module is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ The module is properly enabled by the rules mentioned in related_rules. ++ Requirements in 5.3.3.3 use these rules. ++ related_rules: ++ - accounts_password_pam_pwhistory_remember_password_auth ++ - accounts_password_pam_pwhistory_remember_system_auth ++ ++ - id: 5.3.2.5 ++ title: Ensure pam_unix module is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ notes: |- ++ This module is always present by default. 
It is necessary to investigate if a new rule to ++ check its existence needs to be created. But so far the rule no_empty_passwords, used in ++ 5.3.3.4 can ensure this requirement is attended. ++ related_rules: ++ - no_empty_passwords ++ ++ - id: 5.3.3.1.1 ++ title: Ensure password failed attempts lockout is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_passwords_pam_faillock_deny ++ - var_accounts_passwords_pam_faillock_deny=5 ++ ++ - id: 5.3.3.1.2 ++ title: Ensure password unlock time is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ The policy also accepts value 0, which means the locked accounts should be manually unlocked ++ by an administrator. However, it also mentions that using value 0 can facilitate a DoS ++ attack to legitimate users. ++ rules: ++ - accounts_passwords_pam_faillock_unlock_time ++ - var_accounts_passwords_pam_faillock_unlock_time=900 ++ ++ - id: 5.3.3.1.3 ++ title: Ensure password failed attempts lockout includes root account (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - accounts_passwords_pam_faillock_deny_root ++ ++ - id: 5.3.3.2.1 ++ title: Ensure password number of changed characters is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_difok ++ - var_password_pam_difok=2 ++ ++ - id: 5.3.3.2.2 ++ title: Ensure password length is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_minlen ++ - var_password_pam_minlen=14 ++ ++ - id: 5.3.3.2.3 ++ title: Ensure password complexity is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ This requirement is expected to be manual. 
However, in previous versions of the policy ++ it was already automated the configuration of "minclass" option. This posture was kept for ++ RHEL 9 in this new version. Rules related to other options are informed in related_rules. ++ In short, minclass=4 alone can achieve the same result achieved by the combination of the ++ other 4 options mentioned in the policy. ++ rules: ++ - accounts_password_pam_minclass ++ - var_password_pam_minclass=4 ++ related_rules: ++ - accounts_password_pam_dcredit ++ - accounts_password_pam_lcredit ++ - accounts_password_pam_ocredit ++ - accounts_password_pam_ucredit ++ ++ - id: 5.3.3.2.4 ++ title: Ensure password same consecutive characters is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_maxrepeat ++ - var_password_pam_maxrepeat=3 ++ ++ - id: 5.3.3.2.5 ++ title: Ensure password maximum sequential characters is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_maxsequence ++ - var_password_pam_maxsequence=3 ++ ++ - id: 5.3.3.2.6 ++ title: Ensure password dictionary check is enabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_dictcheck ++ - var_password_pam_dictcheck=1 ++ ++ - id: 5.3.3.2.7 ++ title: Ensure password quality is enforced for the root user (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_pam_enforce_root ++ ++ - id: 5.3.3.3.1 ++ title: Ensure password history remember is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Although mentioned in the section 5.3.3.3, there is no explicit requirement to configure ++ retry option of pam_pwhistory. If come in the future, the rule accounts_password_pam_retry ++ can be used. 
++ rules: ++ - accounts_password_pam_pwhistory_remember_password_auth ++ - accounts_password_pam_pwhistory_remember_system_auth ++ - var_password_pam_remember_control_flag=requisite_or_required ++ - var_password_pam_remember=24 ++ related_rules: ++ - accounts_password_pam_retry ++ ++ - id: 5.3.3.3.2 ++ title: Ensure password history is enforced for the root user (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: planned ++ notes: |- ++ A new rule needs to be created to check and remediate the enforce_for_root option in ++ /etc/security/pwhistory.conf. accounts_password_pam_enforce_root can be used as reference. ++ ++ - id: 5.3.3.3.3 ++ title: Ensure pam_pwhistory includes use_authtok (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ notes: |- ++ In RHEL 9 pam_pwhistory is enabled via authselect feature, as required in 5.3.2.4. The ++ feature automatically set "use_authok" option. In any case, we don't have a rule to check ++ this option specifically. ++ related_rules: ++ - accounts_password_pam_pwhistory_remember_password_auth ++ - accounts_password_pam_pwhistory_remember_system_auth ++ ++ - id: 5.3.3.4.1 ++ title: Ensure pam_unix does not include nullok (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ The rule more specifically used in this requirement also satify the requirement 5.3.2.5. ++ rules: ++ - no_empty_passwords ++ ++ - id: 5.3.3.4.2 ++ title: Ensure pam_unix does not include remember (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ Usage of pam_unix.so module together with "remember" option is deprecated and is not ++ recommened by this policy. Instead, it should be used remember option of pam_pwhistory ++ module, as required in 5.3.3.3.1. 
See here for more details about pam_unix.so: ++ https://bugzilla.redhat.com/show_bug.cgi?id=1778929 ++ A new rule needs to be created to remove the remember option from pam_unix module. ++ ++ - id: 5.3.3.4.3 ++ title: Ensure pam_unix includes a strong password hashing algorithm (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ Changes in logindefs mentioned in this requirement are more specifically covered by 5.4.1.4 ++ rules: ++ - set_password_hashing_algorithm_systemauth ++ - set_password_hashing_algorithm_passwordauth ++ - var_password_hashing_algorithm_pam=sha512 ++ ++ - id: 5.3.3.4.4 ++ title: Ensure pam_unix includes use_authtok (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ notes: |- ++ In RHEL 9 pam_unix is enabled by default in all authselect profiles already with the ++ use_authtok option set. In any case, we don't have a rule to check this option specifically, ++ like in 5.3.3.3.3. ++ ++ - id: 5.4.1.1 ++ title: Ensure password expiration is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_maximum_age_login_defs ++ - var_accounts_maximum_age_login_defs=365 ++ - accounts_password_set_max_life_existing ++ ++ - id: 5.4.1.2 ++ title: Ensure minimum password days is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - accounts_minimum_age_login_defs ++ - var_accounts_minimum_age_login_defs=1 ++ - accounts_password_set_min_life_existing ++ ++ - id: 5.4.1.3 ++ title: Ensure password expiration warning days is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_warn_age_login_defs ++ - var_accounts_password_warn_age_login_defs=7 ++ - accounts_password_set_warn_age_existing ++ ++ - id: 5.4.1.4 ++ title: Ensure strong password hashing algorithm is configured (Automated) ++ levels: ++ - l1_server ++ - 
l1_workstation ++ status: automated ++ rules: ++ - set_password_hashing_algorithm_libuserconf ++ - set_password_hashing_algorithm_logindefs ++ - var_password_hashing_algorithm=SHA512 ++ - var_password_hashing_algorithm_pam=sha512 ++ ++ - id: 5.4.1.5 ++ title: Ensure inactive password lock is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - account_disable_post_pw_expiration ++ - accounts_set_post_pw_existing ++ - var_account_disable_post_pw_expiration=45 ++ ++ - id: 5.4.1.6 ++ title: Ensure all users last password change date is in the past (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_last_change_is_in_past ++ ++ - id: 5.4.2.1 ++ title: Ensure root is the only UID 0 account (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_no_uid_except_zero ++ ++ - id: 5.4.2.2 ++ title: Ensure root is the only GID 0 account (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ notes: |- ++ The rule confirms the primary group for root, but doesn't check if any other user are also ++ using GID 0. New rule is necessary. ++ There is assessment but no automated remediation for this rule and this sounds reasonable. ++ rules: ++ - accounts_root_gid_zero ++ ++ - id: 5.4.2.3 ++ title: Ensure group root is the only GID 0 group (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ There is assessment but no automated remediation for this rule and this sounds reasonable. 
++ rules: ++ - groups_no_zero_gid_except_root ++ ++ - id: 5.4.2.4 ++ title: Ensure root account access is controlled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - ensure_root_password_configured ++ ++ - id: 5.4.2.5 ++ title: Ensure root path integrity (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_root_path_dirs_no_write ++ - root_path_no_dot ++ - no_dirs_unowned_by_root ++ - root_path_all_dirs ++ ++ - id: 5.4.2.6 ++ title: Ensure root user umask is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ There is no rule to ensure umask in /root/.bash_profile and /root/.bashrc. A new rule have ++ to be created. It can be based on accounts_umask_interactive_users. ++ ++ - id: 5.4.2.7 ++ title: Ensure system accounts do not have a valid login shell (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - no_password_auth_for_systemaccounts ++ - no_shelllogin_for_systemaccounts ++ ++ - id: 5.4.2.8 ++ title: Ensure accounts without a valid login shell are locked (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ Introduced in CIS RHEL9 v2.0.0. ++ New rule is necessary. ++ ++ - id: 5.4.3.1 ++ title: Ensure nologin is not listed in /etc/shells (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: pending ++ notes: |- ++ It is necessary to create a new rule to check and remove nologin from /etc/shells. ++ The no_tmux_in_shells rule can be used as referece. 
++ ++ - id: 5.4.3.2 ++ title: Ensure default user shell timeout is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_tmout ++ - var_accounts_tmout=15_min ++ ++ - id: 5.4.3.3 ++ title: Ensure default user umask is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_umask_etc_bashrc ++ - accounts_umask_etc_login_defs ++ - accounts_umask_etc_profile ++ - var_accounts_user_umask=027 ++ ++ - id: 6.1.1 ++ title: Ensure AIDE is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_aide_installed ++ - aide_build_database ++ ++ - id: 6.1.2 ++ title: Ensure filesystem integrity is regularly checked (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - aide_periodic_cron_checking ++ ++ - id: 6.1.3 ++ title: Ensure cryptographic mechanisms are used to protect the integrity of audit tools (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - aide_check_audit_tools ++ related_rules: ++ - aide_use_fips_hashes ++ ++ - id: 6.2.1.1 ++ title: Ensure journald service is enabled and active (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - service_systemd-journald_enabled ++ ++ - id: 6.2.1.2 ++ title: Ensure journald log file access is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 6.2.1.3 ++ title: Ensure journald log file rotation is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 6.2.1.4 ++ title: Ensure only one logging system is in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ It is necessary to create a new rule to check the status of journald and rsyslog. ++ It would also be necessary a new rule to disable or remove rsyslog. 
++ ++ - id: 6.2.2.1.1 ++ title: Ensure systemd-journal-remote is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - package_systemd-journal-remote_installed ++ ++ - id: 6.2.2.1.2 ++ title: Ensure systemd-journal-upload authentication is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 6.2.2.1.3 ++ title: Ensure systemd-journal-upload is enabled and active (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ Introduced in CIS RHEL9 v2.0.0. ++ New templated rule is necessary. ++ ++ - id: 6.2.2.1.4 ++ title: Ensure systemd-journal-remote service is not in use (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - socket_systemd-journal-remote_disabled ++ ++ - id: 6.2.2.2 ++ title: Ensure journald ForwardToSyslog is disabled (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: pending ++ notes: |- ++ This rule conflicts with 6.2.3.3. More investigation is needed to properly solve this. 
++ related_rules: ++ - journald_forward_to_syslog ++ ++ - id: 6.2.2.3 ++ title: Ensure journald Compress is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - journald_compress ++ ++ - id: 6.2.2.4 ++ title: Ensure journald Storage is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - journald_storage ++ ++ - id: 6.2.3.1 ++ title: Ensure rsyslog is installed (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ related_rules: ++ - package_rsyslog_installed ++ ++ - id: 6.2.3.2 ++ title: Ensure rsyslog service is enabled and active (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ related_rules: ++ - service_rsyslog_enabled ++ ++ - id: 6.2.3.3 ++ title: Ensure journald is configured to send logs to rsyslog (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ related_rules: ++ - journald_forward_to_syslog ++ ++ - id: 6.2.3.4 ++ title: Ensure rsyslog log file creation mode is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ related_rules: ++ - rsyslog_filecreatemode ++ ++ - id: 6.2.3.5 ++ title: Ensure rsyslog logging is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ ++ - id: 6.2.3.6 ++ title: Ensure rsyslog is configured to send logs to a remote log host (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - rsyslog_remote_loghost ++ ++ - id: 6.2.3.7 ++ title: Ensure rsyslog is not configured to receive logs from a remote client (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: supported ++ related_rules: ++ - rsyslog_nolisten ++ ++ - id: 6.2.3.8 ++ title: Ensure rsyslog logrotate is configured (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - ensure_logrotate_activated ++ - 
package_logrotate_installed ++ - timer_logrotate_enabled ++ ++ - id: 6.2.4.1 ++ title: Ensure access to all logfiles has been configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ notes: |- ++ It is not harmful to run these rules even if rsyslog is not installed or active. ++ rules: ++ - rsyslog_files_groupownership ++ - rsyslog_files_ownership ++ - rsyslog_files_permissions ++ ++ - id: 6.3.1.1 ++ title: Ensure auditd packages are installed (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - package_audit_installed ++ - package_audit-libs_installed ++ ++ - id: 6.3.1.2 ++ title: Ensure auditing for processes that start prior to auditd is enabled (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - grub2_audit_argument ++ ++ - id: 6.3.1.3 ++ title: Ensure audit_backlog_limit is sufficient (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - grub2_audit_backlog_limit_argument ++ - var_audit_backlog_limit=8192 ++ ++ - id: 6.3.1.4 ++ title: Ensure auditd service is enabled and active (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - service_auditd_enabled ++ ++ - id: 6.3.2.1 ++ title: Ensure audit log storage size is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - auditd_data_retention_max_log_file ++ - var_auditd_max_log_file=6 ++ ++ - id: 6.3.2.2 ++ title: Ensure audit logs are not automatically deleted (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - auditd_data_retention_max_log_file_action ++ - var_auditd_max_log_file_action=keep_logs ++ ++ - id: 6.3.2.3 ++ title: Ensure system is disabled when audit logs are full (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - auditd_data_disk_error_action ++ - 
auditd_data_disk_full_action ++ - var_auditd_disk_error_action=cis_rhel9 ++ - var_auditd_disk_full_action=cis_rhel9 ++ ++ - id: 6.3.2.4 ++ title: Ensure system warns when audit logs are low on space (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - auditd_data_retention_action_mail_acct ++ - auditd_data_retention_admin_space_left_action ++ - auditd_data_retention_space_left_action ++ - var_auditd_action_mail_acct=root ++ - var_auditd_admin_space_left_action=cis_rhel9 ++ - var_auditd_space_left_action=cis_rhel9 ++ ++ - id: 6.3.3.1 ++ title: Ensure changes to system administration scope (sudoers) is collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_sysadmin_actions ++ ++ - id: 6.3.3.2 ++ title: Ensure actions as another user are always logged (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_suid_auid_privilege_function ++ ++ - id: 6.3.3.3 ++ title: Ensure events that modify the sudo log file are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_sudo_log_events ++ ++ - id: 6.3.3.4 ++ title: Ensure events that modify date and time information are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_time_adjtimex ++ - audit_rules_time_settimeofday ++ - audit_rules_time_clock_settime ++ - audit_rules_time_watch_localtime ++ related_rules: ++ - audit_rules_time_stime ++ ++ - id: 6.3.3.5 ++ title: Ensure events that modify the system's network environment are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: partial ++ rules: ++ - audit_rules_networkconfig_modification ++ - audit_rules_networkconfig_modification_hostname_file ++ - audit_rules_networkconfig_modification_network_scripts ++ - audit_rules_networkconfig_modification_networkmanager ++ ++ - id: 
6.3.3.6 ++ title: Ensure use of privileged commands are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_privileged_commands ++ ++ - id: 6.3.3.7 ++ title: Ensure unsuccessful file access attempts are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_unsuccessful_file_modification_creat ++ - audit_rules_unsuccessful_file_modification_ftruncate ++ - audit_rules_unsuccessful_file_modification_open ++ - audit_rules_unsuccessful_file_modification_openat ++ - audit_rules_unsuccessful_file_modification_truncate ++ ++ - id: 6.3.3.8 ++ title: Ensure events that modify user/group information are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_usergroup_modification_group ++ - audit_rules_usergroup_modification_gshadow ++ - audit_rules_usergroup_modification_opasswd ++ - audit_rules_usergroup_modification_passwd ++ - audit_rules_usergroup_modification_shadow ++ - audit_rules_usergroup_modification_nsswitch_conf ++ - audit_rules_usergroup_modification_pam_conf ++ - audit_rules_usergroup_modification_pamd ++ ++ - id: 6.3.3.9 ++ title: Ensure discretionary access control permission modification events are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_dac_modification_chmod ++ - audit_rules_dac_modification_chown ++ - audit_rules_dac_modification_fchmod ++ - audit_rules_dac_modification_fchmodat ++ - audit_rules_dac_modification_fchown ++ - audit_rules_dac_modification_fchownat ++ - audit_rules_dac_modification_fremovexattr ++ - audit_rules_dac_modification_fsetxattr ++ - audit_rules_dac_modification_lchown ++ - audit_rules_dac_modification_lremovexattr ++ - audit_rules_dac_modification_lsetxattr ++ - audit_rules_dac_modification_removexattr ++ - audit_rules_dac_modification_setxattr ++ ++ - id: 6.3.3.10 ++ title: 
Ensure successful file system mounts are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_media_export ++ ++ - id: 6.3.3.11 ++ title: Ensure session initiation information is collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_session_events_utmp ++ - audit_rules_session_events_btmp ++ - audit_rules_session_events_wtmp ++ ++ - id: 6.3.3.12 ++ title: Ensure login and logout events are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_login_events_faillock ++ - audit_rules_login_events_lastlog ++ - var_accounts_passwords_pam_faillock_dir=run ++ ++ - id: 6.3.3.13 ++ title: Ensure file deletion events by users are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_file_deletion_events_rename ++ - audit_rules_file_deletion_events_renameat ++ - audit_rules_file_deletion_events_unlink ++ - audit_rules_file_deletion_events_unlinkat ++ ++ - id: 6.3.3.14 ++ title: Ensure events that modify the system's Mandatory Access Controls are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_mac_modification ++ - audit_rules_mac_modification_usr_share ++ ++ - id: 6.3.3.15 ++ title: Ensure successful and unsuccessful attempts to use the chcon command are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_execution_chcon ++ ++ - id: 6.3.3.16 ++ title: Ensure successful and unsuccessful attempts to use the setfacl command are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_execution_setfacl ++ ++ - id: 6.3.3.17 ++ title: Ensure successful and unsuccessful attempts to use the chacl command are collected (Automated) ++ levels: ++ - 
l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_execution_chacl ++ ++ - id: 6.3.3.18 ++ title: Ensure successful and unsuccessful attempts to use the usermod command are collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_privileged_commands_usermod ++ ++ - id: 6.3.3.19 ++ title: Ensure kernel module loading unloading and modification is collected (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_kernel_module_loading_create ++ - audit_rules_kernel_module_loading_delete ++ - audit_rules_kernel_module_loading_finit ++ - audit_rules_kernel_module_loading_init ++ - audit_rules_kernel_module_loading_query ++ - audit_rules_privileged_commands_kmod ++ ++ - id: 6.3.3.20 ++ title: Ensure the audit configuration is immutable (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - audit_rules_immutable ++ ++ - id: 6.3.3.21 ++ title: Ensure the running and on disk configuration is the same (Manual) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: manual ++ ++ - id: 6.3.4.1 ++ title: Ensure the audit log file directory mode is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - directory_permissions_var_log_audit ++ ++ - id: 6.3.4.2 ++ title: Ensure audit log files mode is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_permissions_var_log_audit ++ ++ - id: 6.3.4.3 ++ title: Ensure audit log files owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_ownership_var_log_audit_stig ++ ++ - id: 6.3.4.4 ++ title: Ensure audit log files group owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_group_ownership_var_log_audit ++ ++ - id: 6.3.4.5 ++ 
title: Ensure audit configuration files mode is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_permissions_audit_configuration ++ ++ - id: 6.3.4.6 ++ title: Ensure audit configuration files owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_ownership_audit_configuration ++ ++ - id: 6.3.4.7 ++ title: Ensure audit configuration files group owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_groupownership_audit_configuration ++ ++ - id: 6.3.4.8 ++ title: Ensure audit tools mode is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_permissions_audit_binaries ++ ++ - id: 6.3.4.9 ++ title: Ensure audit tools owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_ownership_audit_binaries ++ ++ - id: 6.3.4.10 ++ title: Ensure audit tools group owner is configured (Automated) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: automated ++ rules: ++ - file_groupownership_audit_binaries ++ ++ - id: 7.1.1 ++ title: Ensure permissions on /etc/passwd are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_passwd ++ - file_owner_etc_passwd ++ - file_permissions_etc_passwd ++ ++ - id: 7.1.2 ++ title: Ensure permissions on /etc/passwd- are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_backup_etc_passwd ++ - file_owner_backup_etc_passwd ++ - file_permissions_backup_etc_passwd ++ ++ - id: 7.1.3 ++ title: Ensure permissions on /etc/group are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_group ++ - file_owner_etc_group ++ - 
file_permissions_etc_group ++ ++ - id: 7.1.4 ++ title: Ensure permissions on /etc/group- are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_backup_etc_group ++ - file_owner_backup_etc_group ++ - file_permissions_backup_etc_group ++ ++ - id: 7.1.5 ++ title: Ensure permissions on /etc/shadow are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_owner_etc_shadow ++ - file_groupowner_etc_shadow ++ - file_permissions_etc_shadow ++ ++ - id: 7.1.6 ++ title: Ensure permissions on /etc/shadow- are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_backup_etc_shadow ++ - file_owner_backup_etc_shadow ++ - file_permissions_backup_etc_shadow ++ ++ - id: 7.1.7 ++ title: Ensure permissions on /etc/gshadow are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_gshadow ++ - file_owner_etc_gshadow ++ - file_permissions_etc_gshadow ++ ++ - id: 7.1.8 ++ title: Ensure permissions on /etc/gshadow- are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_backup_etc_gshadow ++ - file_owner_backup_etc_gshadow ++ - file_permissions_backup_etc_gshadow ++ ++ - id: 7.1.9 ++ title: Ensure permissions on /etc/shells are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_groupowner_etc_shells ++ - file_owner_etc_shells ++ - file_permissions_etc_shells ++ ++ - id: 7.1.10 ++ title: Ensure permissions on /etc/security/opasswd are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ rules: ++ # TODO: We need another rule that checks /etc/security/opasswd.old ++ - file_etc_security_opasswd ++ ++ - id: 7.1.11 ++ title: Ensure world writable files and directories are 
secured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - file_permissions_unauthorized_world_writable ++ - dir_perms_world_writable_sticky_bits ++ ++ - id: 7.1.12 ++ title: Ensure no files or directories without an owner and a group exist (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: partial ++ rules: ++ # TODO: add rules for unowned/ungrouped directories ++ - no_files_unowned_by_user ++ - file_permissions_ungroupowned ++ ++ - id: 7.1.13 ++ title: Ensure SUID and SGID files are reviewed (Manual) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: manual ++ related_rules: ++ - file_permissions_unauthorized_suid ++ - file_permissions_unauthorized_sgid ++ ++ - id: 7.1.14 ++ title: Audit system file permissions (Manual) ++ levels: ++ - l2_server ++ - l2_workstation ++ status: manual ++ related_rules: ++ - rpm_verify_permissions ++ - rpm_verify_ownership ++ ++ - id: 7.2.1 ++ title: Ensure accounts in /etc/passwd use shadowed passwords (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_password_all_shadowed ++ ++ - id: 7.2.2 ++ title: Ensure /etc/shadow password fields are not empty (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - no_empty_passwords_etc_shadow ++ ++ - id: 7.2.3 ++ title: Ensure all groups in /etc/passwd exist in /etc/group (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - gid_passwd_group_same ++ ++ - id: 7.2.4 ++ title: Ensure no duplicate UIDs exist (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - account_unique_id ++ ++ - id: 7.2.5 ++ title: Ensure no duplicate GIDs exist (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - group_unique_id ++ ++ - id: 7.2.6 ++ title: Ensure no duplicate user names exist (Automated) ++ levels: ++ - l1_server ++ - 
l1_workstation ++ status: automated ++ rules: ++ - account_unique_name ++ ++ - id: 7.2.7 ++ title: Ensure no duplicate group names exist (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - group_unique_name ++ ++ - id: 7.2.8 ++ title: Ensure local interactive user home directories are configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ status: automated ++ rules: ++ - accounts_user_interactive_home_directory_exists ++ - file_ownership_home_directories ++ - file_permissions_home_directories ++ related_rules: ++ - file_groupownership_home_directories ++ ++ - id: 7.2.9 ++ title: Ensure local interactive user dot files access is configured (Automated) ++ levels: ++ - l1_server ++ - l1_workstation ++ notes: |- ++ Missing a rule to check that .bash_history is mode 0600 or more restrictive. ++ status: partial ++ rules: ++ - accounts_user_dot_group_ownership ++ - accounts_user_dot_user_ownership ++ - accounts_user_dot_no_world_writable_programs ++ - file_permission_user_init_files ++ - var_user_initialization_files_regex=all_dotfiles ++ - no_forward_files ++ - no_netrc_files ++ - no_rsh_trust_files ++ related_rules: ++ - accounts_users_netrc_file_permissions +diff --git a/products/almalinux9/controls/stig_rhel9.yml b/products/almalinux9/controls/stig_rhel9.yml +new file mode 100644 +index 000000000..396d494b3 +--- /dev/null ++++ b/products/almalinux9/controls/stig_rhel9.yml +@@ -0,0 +1,3889 @@ ++--- ++policy: 'Red Hat Enterprise Linux 9 Security Technical Implementation Guide' ++title: 'Red Hat Enterprise Linux 9 Security Technical Implementation Guide' ++id: stig_rhel9 ++source: https://www.cyber.mil/stigs/downloads/ ++version: V2R4 ++reference_type: stigid ++product: rhel9 ++ ++levels: ++ - id: high ++ - id: medium ++ - id: low ++ ++controls: ++ - id: needed_rules ++ levels: ++ - medium ++ rules: ++ - enable_authselect ++ - var_authselect_profile=sssd ++ ++ - id: RHEL-09-171011 ++ levels: ++ - medium ++ rules: 
++ - dconf_gnome_login_banner_text ++ - id: RHEL-09-211010 ++ levels: ++ - high ++ title: RHEL 9 must be a vendor-supported release. ++ rules: ++ - installed_OS_is_vendor_supported ++ status: automated ++ ++ - id: RHEL-09-211015 ++ levels: ++ - medium ++ title: RHEL 9 vendor packaged system security patches and updates must be installed and up to date. ++ rules: ++ - security_patches_up_to_date ++ status: automated ++ ++ - id: RHEL-09-211020 ++ levels: ++ - medium ++ title: RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting ++ local or remote access to the system via a command line user logon. ++ rules: ++ - banner_etc_issue ++ - login_banner_text=dod_banners ++ status: automated ++ ++ - id: RHEL-09-211030 ++ levels: ++ - medium ++ title: The graphical display manager must not be the default target on RHEL 9 unless approved. ++ rules: ++ - xwindows_runlevel_target ++ status: automated ++ ++ - id: RHEL-09-211035 ++ levels: ++ - low ++ title: RHEL 9 must enable the hardware random number generator entropy gatherer service. ++ related_rules: ++ - service_rngd_enabled # This rule is causing test failures, See https://github.com/ComplianceAsCode/content/pull/10153 ++ status: pending ++ ++ - id: RHEL-09-211040 ++ levels: ++ - medium ++ title: RHEL 9 systemd-journald service must be enabled. ++ rules: ++ - service_systemd-journald_enabled ++ status: automated ++ ++ - id: RHEL-09-211045 ++ levels: ++ - high ++ title: The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. ++ rules: ++ - disable_ctrlaltdel_burstaction ++ status: automated ++ ++ - id: RHEL-09-211050 ++ levels: ++ - high ++ title: The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. ++ rules: ++ - disable_ctrlaltdel_reboot ++ status: automated ++ ++ - id: RHEL-09-211055 ++ levels: ++ - medium ++ title: RHEL 9 debug-shell systemd service must be disabled. 
++ status: automated ++ rules: ++ - service_debug-shell_disabled ++ ++ - id: RHEL-09-212010 ++ levels: ++ - medium ++ title: RHEL 9 must require a boot loader superuser password. ++ rules: ++ - grub2_password ++ status: automated ++ ++ - id: RHEL-09-212015 ++ levels: ++ - medium ++ title: RHEL 9 must disable the ability of systemd to spawn an interactive boot process. ++ rules: ++ - grub2_disable_interactive_boot ++ status: automated ++ ++ - id: RHEL-09-212020 ++ levels: ++ - high ++ title: RHEL 9 must require a unique superusers name upon booting into single-user and maintenance ++ modes. ++ rules: ++ - grub2_admin_username ++ status: automated ++ ++ - id: RHEL-09-212025 ++ levels: ++ - medium ++ title: RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root. ++ rules: ++ - file_groupowner_grub2_cfg ++ status: automated ++ ++ - id: RHEL-09-212030 ++ levels: ++ - medium ++ title: RHEL 9 /boot/grub2/grub.cfg file must be owned by root. ++ rules: ++ - file_owner_grub2_cfg ++ status: automated ++ ++ - id: RHEL-09-212035 ++ levels: ++ - medium ++ title: RHEL 9 must disable virtual system calls. ++ rules: ++ - grub2_vsyscall_argument ++ status: automated ++ ++ - id: RHEL-09-212040 ++ levels: ++ - medium ++ title: RHEL 9 must clear the page allocator to prevent use-after-free attacks. ++ rules: ++ - grub2_page_poison_argument ++ status: automated ++ ++ - id: RHEL-09-212045 ++ levels: ++ - medium ++ title: RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks. ++ rules: ++ - grub2_init_on_free ++ status: automated ++ ++ - id: RHEL-09-212050 ++ levels: ++ - low ++ title: RHEL 9 must enable mitigations against processor-based vulnerabilities. ++ rules: ++ - grub2_pti_argument ++ status: automated ++ ++ - id: RHEL-09-212055 ++ levels: ++ - low ++ title: RHEL 9 must enable auditing of processes that start prior to the audit daemon. 
++ rules: ++ - grub2_audit_argument ++ status: automated ++ ++ - id: RHEL-09-213010 ++ levels: ++ - medium ++ title: RHEL 9 must restrict access to the kernel message buffer. ++ rules: ++ - sysctl_kernel_dmesg_restrict ++ status: automated ++ ++ - id: RHEL-09-213015 ++ levels: ++ - medium ++ title: RHEL 9 must prevent kernel profiling by nonprivileged users. ++ rules: ++ - sysctl_kernel_perf_event_paranoid ++ status: automated ++ ++ - id: RHEL-09-213020 ++ levels: ++ - medium ++ title: RHEL 9 must prevent the loading of a new kernel for later execution. ++ rules: ++ - sysctl_kernel_kexec_load_disabled ++ status: automated ++ ++ - id: RHEL-09-213025 ++ levels: ++ - medium ++ title: RHEL 9 must restrict exposed kernel pointer addresses access. ++ rules: ++ - sysctl_kernel_kptr_restrict ++ status: automated ++ ++ - id: RHEL-09-213030 ++ levels: ++ - medium ++ title: RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. ++ rules: ++ - sysctl_fs_protected_hardlinks ++ status: automated ++ ++ - id: RHEL-09-213035 ++ levels: ++ - medium ++ title: RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. ++ rules: ++ - sysctl_fs_protected_symlinks ++ status: automated ++ ++ - id: RHEL-09-213040 ++ levels: ++ - medium ++ title: RHEL 9 must disable the kernel.core_pattern. ++ rules: ++ - sysctl_kernel_core_pattern ++ status: automated ++ ++ - id: RHEL-09-213045 ++ levels: ++ - medium ++ title: RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module. ++ rules: ++ - kernel_module_atm_disabled ++ status: automated ++ ++ - id: RHEL-09-213050 ++ levels: ++ - medium ++ title: RHEL 9 must be configured to disable the Controller Area Network kernel module. ++ rules: ++ - kernel_module_can_disabled ++ status: automated ++ ++ - id: RHEL-09-213055 ++ levels: ++ - medium ++ title: RHEL 9 must be configured to disable the FireWire kernel module. 
++ rules: ++ - kernel_module_firewire-core_disabled ++ status: automated ++ ++ - id: RHEL-09-213060 ++ levels: ++ - medium ++ title: RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. ++ rules: ++ - kernel_module_sctp_disabled ++ status: automated ++ ++ - id: RHEL-09-213065 ++ levels: ++ - medium ++ title: RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. ++ rules: ++ - kernel_module_tipc_disabled ++ status: automated ++ ++ - id: RHEL-09-213070 ++ levels: ++ - medium ++ title: RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from ++ unauthorized code execution. ++ rules: ++ - sysctl_kernel_randomize_va_space ++ status: automated ++ ++ - id: RHEL-09-213075 ++ levels: ++ - medium ++ title: RHEL 9 must disable access to network bpf system call from nonprivileged processes. ++ rules: ++ - sysctl_kernel_unprivileged_bpf_disabled ++ status: automated ++ ++ - id: RHEL-09-213080 ++ levels: ++ - medium ++ title: RHEL 9 must restrict usage of ptrace to descendant processes. ++ rules: ++ - sysctl_kernel_yama_ptrace_scope ++ status: automated ++ ++ - id: RHEL-09-213085 ++ levels: ++ - medium ++ title: RHEL 9 must disable core dump backtraces. ++ rules: ++ - coredump_disable_backtraces ++ status: automated ++ ++ - id: RHEL-09-213090 ++ levels: ++ - medium ++ title: RHEL 9 must disable storing core dumps. ++ rules: ++ - coredump_disable_storage ++ status: automated ++ ++ - id: RHEL-09-213095 ++ levels: ++ - medium ++ title: RHEL 9 must disable core dumps for all users. ++ rules: ++ - disable_users_coredumps ++ status: automated ++ ++ - id: RHEL-09-213100 ++ levels: ++ - medium ++ title: RHEL 9 must disable acquiring, saving, and processing core dumps. ++ rules: ++ - service_systemd-coredump_disabled ++ status: automated ++ ++ - id: RHEL-09-213105 ++ levels: ++ - medium ++ title: RHEL 9 must disable the use of user namespaces. 
++ rules:
++ - sysctl_user_max_user_namespaces_no_remediation
++ status: automated
++
++ - id: RHEL-09-213110
++ levels:
++ - medium
++ title: RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution.
++ rules:
++ - sysctl_kernel_exec_shield
++ status: automated
++
++ - id: RHEL-09-213115
++ levels:
++ - medium
++ title: The kdump service on RHEL 9 must be disabled.
++ rules:
++ - service_kdump_disabled
++ status: automated
++
++ - id: RHEL-09-214010
++ levels:
++ - medium
++ title: RHEL 9 must ensure cryptographic verification of vendor software packages.
++ rules:
++ - ensure_redhat_gpgkey_installed
++ status: automated
++
++ - id: RHEL-09-214015
++ levels:
++ - high
++ title: RHEL 9 must check the GPG signature of software packages originating from external software
++ repositories before installation.
++ rules:
++ - ensure_gpgcheck_globally_activated
++ status: automated
++
++ - id: RHEL-09-214020
++ levels:
++ - high
++ title: RHEL 9 must check the GPG signature of locally installed software packages before installation.
++ rules:
++ - ensure_gpgcheck_local_packages
++ status: automated
++
++ - id: RHEL-09-214025
++ levels:
++ - high
++ title: RHEL 9 must have GPG signature verification enabled for all software repositories.
++ rules:
++ - ensure_gpgcheck_never_disabled
++ status: automated
++
++ - id: RHEL-09-214030
++ levels:
++ - medium
++ title: RHEL 9 must be configured so that the cryptographic hashes of system files match vendor
++ values.
++ related_rules:
++ - rpm_verify_hashes # Due to crypto policies this cannot be selected at this time
++ status: pending
++
++ - id: RHEL-09-214035
++ levels:
++ - low
++ title: RHEL 9 must remove all software components after updated versions have been installed.
++ rules:
++ - clean_components_post_updating
++ status: automated
++
++ - id: RHEL-09-215010
++ levels:
++ - medium
++ title: RHEL 9 subscription-manager package must be installed.
++ rules:
++ - package_subscription-manager_installed
++ status: automated
++
++ - id: RHEL-09-215015
++ levels:
++ - high
++ title: RHEL 9 must not have a File Transfer Protocol (FTP) server package installed.
++ rules:
++ - package_vsftpd_removed
++ status: automated
++
++ - id: RHEL-09-215020
++ levels:
++ - medium
++ title: RHEL 9 must not have the sendmail package installed.
++ rules:
++ - package_sendmail_removed
++ status: automated
++
++ - id: RHEL-09-215025
++ levels:
++ - medium
++ title: RHEL 9 must not have the nfs-utils package installed.
++ rules:
++ - package_nfs-utils_removed
++ status: automated
++
++ - id: RHEL-09-215030
++ levels:
++ - medium
++ title: RHEL 9 must not have the ypserv package installed.
++ related_rules:
++ - package_ypserv_removed
++ status: not applicable # The ypserv package is not available in RHEL 9
++
++ - id: RHEL-09-215035
++ levels:
++ - medium
++ title: RHEL 9 must not have the rsh-server package installed.
++ related_rules:
++ - package_rsh-server_removed
++ status: not applicable # The rsh-server package is not available in RHEL 9
++
++ - id: RHEL-09-215040
++ levels:
++ - medium
++ title: RHEL 9 must not have the telnet-server package installed.
++ rules:
++ - package_telnet-server_removed
++ status: automated
++
++ - id: RHEL-09-215045
++ levels:
++ - medium
++ title: RHEL 9 must not have the gssproxy package installed.
++ rules:
++ - package_gssproxy_removed
++ status: automated
++
++ - id: RHEL-09-215050
++ levels:
++ - medium
++ title: RHEL 9 must not have the iprutils package installed.
++ rules:
++ - package_iprutils_removed
++ status: automated
++
++ - id: RHEL-09-215055
++ levels:
++ - medium
++ title: RHEL 9 must not have the tuned package installed.
++ rules:
++ - package_tuned_removed
++ status: automated
++
++ - id: RHEL-09-215060
++ levels:
++ - high
++ title: RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed.
++ rules:
++ - package_tftp-server_removed
++ status: automated
++
++ - id: RHEL-09-215065
++ levels:
++ - medium
++ title: RHEL 9 must not have the quagga package installed.
++ related_rules:
++ - package_quagga_removed
++ status: not applicable # The quagga package is not available in RHEL 9
++
++ - id: RHEL-09-215070
++ levels:
++ - medium
++ title: A graphical display manager must not be installed on RHEL 9 unless approved.
++ rules:
++ - xwindows_remove_packages
++ status: automated
++
++ - id: RHEL-09-215075
++ levels:
++ - medium
++ title: RHEL 9 must have the openssl-pkcs11 package installed.
++ rules:
++ - install_smartcard_packages
++ status: automated
++
++ - id: RHEL-09-215080
++ levels:
++ - medium
++ title: RHEL 9 must have the gnutls-utils package installed.
++ rules:
++ - package_gnutls-utils_installed
++ status: automated
++
++ - id: RHEL-09-215085
++ levels:
++ - medium
++ title: RHEL 9 must have the nss-tools package installed.
++ rules:
++ - package_nss-tools_installed
++ status: automated
++
++ - id: RHEL-09-215090
++ levels:
++ - medium
++ title: RHEL 9 must have the rng-tools package installed.
++ rules:
++ - package_rng-tools_installed
++ status: automated
++
++ - id: RHEL-09-215095
++ levels:
++ - medium
++ title: RHEL 9 must have the s-nail package installed.
++ rules:
++ - package_s-nail_installed
++ status: automated
++
++ - id: RHEL-09-215100
++ levels:
++ - medium
++ title: RHEL 9 must have the crypto-policies package installed.
++ rules:
++ - package_crypto-policies_installed
++ status: automated
++
++ - id: RHEL-09-215101
++ levels:
++ - medium
++ title: RHEL 9 must have the Postfix package installed.
++ status: automated
++ rules:
++ - package_postfix_installed
++
++ - id: RHEL-09-215105
++ levels:
++ - medium
++ title: RHEL 9 must implement a FIPS 140-3 compliant systemwide cryptographic policy.
++ rules:
++ - configure_crypto_policy
++ - fips_crypto_subpolicy
++ - fips_custom_stig_sub_policy
++ status: automated
++
++ - id: RHEL-09-231010
++ levels:
++ - medium
++ title: A separate RHEL 9 file system must be used for user home directories (such as /home or an
++ equivalent).
++ rules:
++ - partition_for_home
++ status: automated
++
++ - id: RHEL-09-231015
++ levels:
++ - medium
++ title: RHEL 9 must use a separate file system for /tmp.
++ rules:
++ - partition_for_tmp
++ status: automated
++
++ - id: RHEL-09-231020
++ levels:
++ - low
++ title: RHEL 9 must use a separate file system for /var.
++ rules:
++ - partition_for_var
++ status: automated
++
++ - id: RHEL-09-231025
++ levels:
++ - low
++ title: RHEL 9 must use a separate file system for /var/log.
++ rules:
++ - partition_for_var_log
++ status: automated
++
++ - id: RHEL-09-231030
++ levels:
++ - low
++ title: RHEL 9 must use a separate file system for the system audit data path.
++ rules:
++ - partition_for_var_log_audit
++ status: automated
++
++ - id: RHEL-09-231035
++ levels:
++ - medium
++ title: RHEL 9 must use a separate file system for /var/tmp.
++ rules:
++ - partition_for_var_tmp
++ status: automated
++
++ - id: RHEL-09-231040
++ levels:
++ - medium
++ title: RHEL 9 file system automount function must be disabled unless required.
++ rules:
++ - service_autofs_disabled
++ status: automated
++
++ - id: RHEL-09-231045
++ levels:
++ - medium
++ title: RHEL 9 must prevent device files from being interpreted on file systems that contain user
++ home directories.
++ rules:
++ - mount_option_home_nodev
++ status: automated
++
++ - id: RHEL-09-231050
++ levels:
++ - medium
++ title: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file
++ systems that contain user home directories.
++ rules:
++ - mount_option_home_nosuid
++ status: automated
++
++ - id: RHEL-09-231055
++ levels:
++ - medium
++ title: RHEL 9 must prevent code from being executed on file systems that contain user home directories.
++ rules:
++ - mount_option_home_noexec
++ status: automated
++
++ - id: RHEL-09-231065
++ levels:
++ - medium
++ title: RHEL 9 must prevent special devices on file systems that are imported via Network File System
++ (NFS).
++ rules:
++ - mount_option_nodev_remote_filesystems
++ status: automated
++
++ - id: RHEL-09-231070
++ levels:
++ - medium
++ title: RHEL 9 must prevent code from being executed on file systems that are imported via Network
++ File System (NFS).
++ rules:
++ - mount_option_noexec_remote_filesystems
++ status: automated
++
++ - id: RHEL-09-231075
++ levels:
++ - medium
++ title: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file
++ systems that are imported via Network File System (NFS).
++ rules:
++ - mount_option_nosuid_remote_filesystems
++ status: automated
++
++ - id: RHEL-09-231080
++ levels:
++ - medium
++ title: RHEL 9 must prevent code from being executed on file systems that are used with removable
++ media.
++ rules:
++ - mount_option_noexec_removable_partitions
++ status: automated
++
++ - id: RHEL-09-231085
++ levels:
++ - medium
++ title: RHEL 9 must prevent special devices on file systems that are used with removable media.
++ rules:
++ - mount_option_nodev_removable_partitions
++ status: automated
++
++ - id: RHEL-09-231090
++ levels:
++ - medium
++ title: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file
++ systems that are used with removable media.
++ rules:
++ - mount_option_nosuid_removable_partitions
++ status: automated
++
++ - id: RHEL-09-231095
++ levels:
++ - medium
++ title: RHEL 9 must mount /boot with the nodev option.
++ rules:
++ - mount_option_boot_nodev
++ status: automated
++
++ - id: RHEL-09-231100
++ levels:
++ - medium
++ title: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the
++ /boot directory.
++ rules:
++ - mount_option_boot_nosuid
++ status: automated
++
++ - id: RHEL-09-231105
++ levels:
++ - medium
++ title: RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the
++ /boot/efi directory.
++ rules:
++ - mount_option_boot_efi_nosuid
++ status: automated
++
++ - id: RHEL-09-231110
++ levels:
++ - medium
++ title: RHEL 9 must mount /dev/shm with the nodev option.
++ rules:
++ - mount_option_dev_shm_nodev
++ status: automated
++
++ - id: RHEL-09-231115
++ levels:
++ - medium
++ title: RHEL 9 must mount /dev/shm with the noexec option.
++ rules:
++ - mount_option_dev_shm_noexec
++ status: automated
++
++ - id: RHEL-09-231120
++ levels:
++ - medium
++ title: RHEL 9 must mount /dev/shm with the nosuid option.
++ rules:
++ - mount_option_dev_shm_nosuid
++ status: automated
++
++ - id: RHEL-09-231125
++ levels:
++ - medium
++ title: RHEL 9 must mount /tmp with the nodev option.
++ rules:
++ - mount_option_tmp_nodev
++ status: automated
++
++ - id: RHEL-09-231130
++ levels:
++ - medium
++ title: RHEL 9 must mount /tmp with the noexec option.
++ rules:
++ - mount_option_tmp_noexec
++ status: automated
++
++ - id: RHEL-09-231135
++ levels:
++ - medium
++ title: RHEL 9 must mount /tmp with the nosuid option.
++ rules:
++ - mount_option_tmp_nosuid
++ status: automated
++
++ - id: RHEL-09-231140
++ levels:
++ - medium
++ title: RHEL 9 must mount /var with the nodev option.
++ rules:
++ - mount_option_var_nodev
++ status: automated
++
++ - id: RHEL-09-231145
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log with the nodev option.
++ rules:
++ - mount_option_var_log_nodev
++ status: automated
++
++ - id: RHEL-09-231150
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log with the noexec option.
++ rules:
++ - mount_option_var_log_noexec
++ status: automated
++
++ - id: RHEL-09-231155
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log with the nosuid option.
++ rules:
++ - mount_option_var_log_nosuid
++ status: automated
++
++ - id: RHEL-09-231160
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log/audit with the nodev option.
++ rules:
++ - mount_option_var_log_audit_nodev
++ status: automated
++
++ - id: RHEL-09-231165
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log/audit with the noexec option.
++ rules:
++ - mount_option_var_log_audit_noexec
++ status: automated
++
++ - id: RHEL-09-231170
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/log/audit with the nosuid option.
++ rules:
++ - mount_option_var_log_audit_nosuid
++ status: automated
++
++ - id: RHEL-09-231175
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/tmp with the nodev option.
++ rules:
++ - mount_option_var_tmp_nodev
++ status: automated
++
++ - id: RHEL-09-231180
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/tmp with the noexec option.
++ rules:
++ - mount_option_var_tmp_noexec
++ status: automated
++
++ - id: RHEL-09-231185
++ levels:
++ - medium
++ title: RHEL 9 must mount /var/tmp with the nosuid option.
++ rules:
++ - mount_option_var_tmp_nosuid
++ status: automated
++
++ - id: RHEL-09-231190
++ levels:
++ - high
++ title: RHEL 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized
++ disclosure or modification of all information that requires at rest protection.
++ rules:
++ - encrypt_partitions
++ status: automated
++
++ - id: RHEL-09-231195
++ levels:
++ - low
++ title: RHEL 9 must disable mounting of cramfs.
++ rules:
++ - kernel_module_cramfs_disabled
++ status: automated
++
++ - id: RHEL-09-231200
++ levels:
++ - medium
++ title: RHEL 9 must prevent special devices on non-root local partitions.
++ rules:
++ - mount_option_nodev_nonroot_local_partitions
++ status: automated
++
++ - id: RHEL-09-232010
++ levels:
++ - medium
++ title: RHEL 9 system commands must have mode 755 or less permissive.
++ rules:
++ - file_permissions_binary_dirs
++ status: automated
++
++ - id: RHEL-09-232015
++ levels:
++ - medium
++ title: RHEL 9 library directories must have mode 755 or less permissive.
++ rules:
++ - dir_permissions_library_dirs
++ status: automated
++
++ - id: RHEL-09-232020
++ levels:
++ - medium
++ title: RHEL 9 library files must have mode 755 or less permissive.
++ rules:
++ - file_permissions_library_dirs
++ status: automated
++
++ - id: RHEL-09-232025
++ levels:
++ - medium
++ title: RHEL 9 /var/log directory must have mode 0755 or less permissive.
++ rules:
++ - file_permissions_var_log
++ status: automated
++
++ - id: RHEL-09-232030
++ levels:
++ - medium
++ title: RHEL 9 /var/log/messages file must have mode 0640 or less permissive.
++ rules:
++ - file_permissions_var_log_messages
++ status: automated
++
++ - id: RHEL-09-232035
++ levels:
++ - medium
++ title: RHEL 9 audit tools must have a mode of 0755 or less permissive.
++ rules:
++ - file_audit_tools_permissions
++ status: automated
++
++ - id: RHEL-09-232040
++ levels:
++ - medium
++ title: RHEL 9 cron configuration directories must have a mode of 0700 or less permissive.
++ rules:
++ - package_cron_installed
++ - file_permissions_cron_d
++ - file_permissions_cron_daily
++ - file_permissions_cron_hourly
++ - file_permissions_cron_monthly
++ - file_permissions_cron_weekly
++ status: automated
++
++ - id: RHEL-09-232045
++ levels:
++ - medium
++ title: All RHEL 9 local initialization files must have mode 0740 or less permissive.
++ rules:
++ - file_permission_user_init_files_root
++ - var_user_initialization_files_regex=all_dotfiles
++ - rootfiles_configured
++ status: automated
++
++ - id: RHEL-09-232050
++ levels:
++ - medium
++ title: All RHEL 9 local interactive user home directories must have mode 0750 or less permissive.
++ rules:
++ - file_permissions_home_directories
++ status: automated
++
++ - id: RHEL-09-232055
++ levels:
++ - medium
++ title: RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access.
++ rules:
++ - file_permissions_etc_group
++ status: automated
++
++ - id: RHEL-09-232060
++ levels:
++ - medium
++ title: RHEL 9 /etc/group- file must have mode 0644 or less permissive to prevent unauthorized access.
++ rules:
++ - file_permissions_backup_etc_group
++ status: automated
++
++ - id: RHEL-09-232065
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized
++ access.
++ rules:
++ - file_permissions_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232070
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow- file must have mode 0000 or less permissive to prevent unauthorized
++ access.
++ rules:
++ - file_permissions_backup_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232075
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd file must have mode 0644 or less permissive to prevent unauthorized access.
++ rules:
++ - file_permissions_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232080
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized
++ access.
++ rules:
++ - file_permissions_backup_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232085
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow- file must have mode 0000 or less permissive to prevent unauthorized
++ access.
++ rules:
++ - file_permissions_backup_etc_shadow
++ status: automated
++
++ - id: RHEL-09-232090
++ levels:
++ - medium
++ title: RHEL 9 /etc/group file must be owned by root.
++ rules:
++ - file_owner_etc_group
++ status: automated
++
++ - id: RHEL-09-232095
++ levels:
++ - medium
++ title: RHEL 9 /etc/group file must be group-owned by root.
++ rules:
++ - file_groupowner_etc_group
++ status: automated
++
++ - id: RHEL-09-232100
++ levels:
++ - medium
++ title: RHEL 9 /etc/group- file must be owned by root.
++ rules:
++ - file_owner_backup_etc_group
++
++ - id: RHEL-09-232103
++ title: RHEL 9 "/etc/audit/" must be owned by root.
++ levels:
++ - medium
++ rules:
++ - file_ownership_audit_configuration
++ status: automated
++
++ - id: RHEL-09-232104
++ title: RHEL 9 "/etc/audit/" must be group-owned by root.
++ levels:
++ - medium
++ rules:
++ - file_groupownership_audit_configuration
++
++ - id: RHEL-09-232105
++ levels:
++ - medium
++ title: RHEL 9 /etc/group- file must be group-owned by root.
++ rules:
++ - file_groupowner_backup_etc_group
++ status: automated
++
++ - id: RHEL-09-232110
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow file must be owned by root.
++ rules:
++ - file_owner_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232115
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow file must be group-owned by root.
++ rules:
++ - file_groupowner_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232120
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow- file must be owned by root.
++ rules:
++ - file_owner_backup_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232125
++ levels:
++ - medium
++ title: RHEL 9 /etc/gshadow- file must be group-owned by root.
++ rules:
++ - file_groupowner_backup_etc_gshadow
++ status: automated
++
++ - id: RHEL-09-232130
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd file must be owned by root.
++ rules:
++ - file_owner_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232135
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd file must be group-owned by root.
++ rules:
++ - file_groupowner_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232140
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd- file must be owned by root.
++ rules:
++ - file_owner_backup_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232145
++ levels:
++ - medium
++ title: RHEL 9 /etc/passwd- file must be group-owned by root.
++ rules:
++ - file_groupowner_backup_etc_passwd
++ status: automated
++
++ - id: RHEL-09-232150
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow file must be owned by root.
++ rules:
++ - file_owner_etc_shadow
++ status: automated
++
++ - id: RHEL-09-232155
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow file must be group-owned by root.
++ rules:
++ - file_groupowner_etc_shadow
++ status: automated
++
++ - id: RHEL-09-232160
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow- file must be owned by root.
++ rules:
++ - file_owner_backup_etc_shadow
++ status: automated
++
++ - id: RHEL-09-232165
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow- file must be group-owned by root.
++ rules:
++ - file_groupowner_backup_etc_shadow
++ status: automated
++
++ - id: RHEL-09-232170
++ levels:
++ - medium
++ title: RHEL 9 /var/log directory must be owned by root.
++ rules:
++ - file_owner_var_log
++ status: automated
++
++ - id: RHEL-09-232175
++ levels:
++ - medium
++ title: RHEL 9 /var/log directory must be group-owned by root.
++ rules:
++ - file_groupowner_var_log
++ status: automated
++
++ - id: RHEL-09-232180
++ levels:
++ - medium
++ title: RHEL 9 /var/log/messages file must be owned by root.
++ rules:
++ - file_owner_var_log_messages
++ status: automated
++
++ - id: RHEL-09-232185
++ levels:
++ - medium
++ title: RHEL 9 /var/log/messages file must be group-owned by root.
++ rules:
++ - file_groupowner_var_log_messages
++ status: automated
++
++ - id: RHEL-09-232190
++ levels:
++ - medium
++ title: RHEL 9 system commands must be owned by root.
++ rules:
++ - file_ownership_binary_dirs
++ status: automated
++
++ - id: RHEL-09-232195
++ levels:
++ - medium
++ title: RHEL 9 system commands must be group-owned by root or a system account.
++ rules:
++ - file_groupownership_system_commands_dirs
++ status: automated
++
++ - id: RHEL-09-232200
++ levels:
++ - medium
++ title: RHEL 9 library files must be owned by root.
++ rules:
++ - file_ownership_library_dirs
++ status: automated
++
++ - id: RHEL-09-232205
++ levels:
++ - medium
++ title: RHEL 9 library files must be group-owned by root or a system account.
++ rules:
++ - root_permissions_syslibrary_files
++ status: automated
++
++ - id: RHEL-09-232210
++ levels:
++ - medium
++ title: RHEL 9 library directories must be owned by root.
++ rules:
++ - dir_ownership_library_dirs
++ status: automated
++
++ - id: RHEL-09-232215
++ levels:
++ - medium
++ title: RHEL 9 library directories must be group-owned by root or a system account.
++ rules:
++ - dir_group_ownership_library_dirs
++ status: automated
++
++ - id: RHEL-09-232220
++ levels:
++ - medium
++ title: RHEL 9 audit tools must be owned by root.
++ rules:
++ - file_audit_tools_ownership
++ status: automated
++
++ - id: RHEL-09-232225
++ levels:
++ - medium
++ title: RHEL 9 audit tools must be group-owned by root.
++ rules:
++ - file_audit_tools_group_ownership
++ status: automated
++
++ - id: RHEL-09-232230
++ levels:
++ - medium
++ title: RHEL 9 cron configuration files directory must be owned by root.
++ rules:
++ - file_owner_cron_d
++ - file_owner_cron_daily
++ - file_owner_cron_hourly
++ - file_owner_cron_monthly
++ - file_owner_cron_weekly
++ - file_owner_crontab
++ - file_owner_cron_deny
++ status: automated
++
++ - id: RHEL-09-232235
++ levels:
++ - medium
++ title: RHEL 9 cron configuration files directory must be group-owned by root.
++ rules:
++ - file_groupowner_cron_d
++ - file_groupowner_cron_daily
++ - file_groupowner_cron_hourly
++ - file_groupowner_cron_monthly
++ - file_groupowner_cron_weekly
++ - file_groupowner_crontab
++ - file_groupowner_cron_deny
++ status: automated
++
++ - id: RHEL-09-232240
++ levels:
++ - medium
++ title: All RHEL 9 world-writable directories must be owned by root, sys, bin, or an application
++ user.
++ rules:
++ - dir_perms_world_writable_root_owned
++ status: automated
++
++ - id: RHEL-09-232245
++ levels:
++ - medium
++ title: A sticky bit must be set on all RHEL 9 public directories.
++ rules:
++ - dir_perms_world_writable_sticky_bits
++ status: automated
++
++ - id: RHEL-09-232250
++ levels:
++ - medium
++ title: All RHEL 9 local files and directories must have a valid group owner.
++ rules:
++ - file_permissions_ungroupowned
++ status: automated
++
++ - id: RHEL-09-232255
++ levels:
++ - medium
++ title: All RHEL 9 local files and directories must have a valid owner.
++ rules:
++ - no_files_unowned_by_user
++ status: automated
++
++ - id: RHEL-09-232260
++ levels:
++ - medium
++ title: RHEL 9 must be configured so that all system device files are correctly labeled to prevent
++ unauthorized modification.
++ rules:
++ - selinux_all_devicefiles_labeled
++ status: automated
++
++ - id: RHEL-09-232270
++ levels:
++ - medium
++ title: RHEL 9 /etc/shadow file must have mode 0000 to prevent unauthorized access.
++ rules:
++ - file_permissions_etc_shadow
++ status: automated
++
++ - id: RHEL-09-251010
++ levels:
++ - medium
++ title: RHEL 9 must have the firewalld package installed.
++ rules:
++ - package_firewalld_installed
++ status: automated
++
++ - id: RHEL-09-251015
++ levels:
++ - medium
++ title: The firewalld service on RHEL 9 must be active.
++ rules:
++ - service_firewalld_enabled
++ status: automated
++
++ - id: RHEL-09-251020
++ levels:
++ - medium
++ title: A RHEL 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections
++ to other systems.
++ rules:
++ - configured_firewalld_default_deny
++ status: automated
++
++ - id: RHEL-09-251030
++ levels:
++ - medium
++ title: RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring
++ rate-limiting measures on impacted network interfaces are implemented.
++ rules:
++ - firewalld-backend
++ status: automated
++
++ - id: RHEL-09-251035
++ levels:
++ - medium
++ title: RHEL 9 must be configured to prohibit or restrict the use of functions, ports, protocols,
++ and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category
++ Assignments List (CAL) and vulnerability assessments.
++ rules:
++ - firewalld_sshd_port_enabled
++ status: automated
++
++ - id: RHEL-09-251040
++ levels:
++ - medium
++ title: RHEL 9 network interfaces must not be in promiscuous mode.
++ rules:
++ - network_sniffer_disabled
++ status: automated
++
++ - id: RHEL-09-251045
++ levels:
++ - medium
++ title: RHEL 9 must enable hardening for the Berkeley Packet Filter just-in-time compiler.
++ rules:
++ - sysctl_net_core_bpf_jit_harden
++ status: automated
++
++ - id: RHEL-09-252010
++ levels:
++ - medium
++ title: RHEL 9 must have the chrony package installed.
++ rules:
++ - package_chrony_installed
++ status: automated
++
++ - id: RHEL-09-252015
++ levels:
++ - medium
++ title: RHEL 9 chronyd service must be enabled.
++ rules:
++ - service_chronyd_enabled
++ status: automated
++
++ - id: RHEL-09-252020
++ levels:
++ - medium
++ title: RHEL 9 must securely compare internal information system clocks at least every 24 hours.
++ rules:
++ - chronyd_or_ntpd_set_maxpoll
++ - chronyd_server_directive
++ - chronyd_specify_remote_server
++ - var_multiple_time_servers=stig
++ - var_time_service_set_maxpoll=18_hours
++ status: automated
++
++ - id: RHEL-09-252025
++ levels:
++ - low
++ title: RHEL 9 must disable the chrony daemon from acting as a server.
++ rules:
++ - chronyd_client_only
++ status: automated
++
++ - id: RHEL-09-252030
++ levels:
++ - low
++ title: RHEL 9 must disable network management of the chrony daemon.
++ rules:
++ - chronyd_no_chronyc_network
++ status: automated
++
++ - id: RHEL-09-252035
++ levels:
++ - medium
++ title: RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers
++ configured.
++ rules:
++ - network_configure_name_resolution
++ status: automated
++
++ - id: RHEL-09-252040
++ levels:
++ - medium
++ title: RHEL 9 must configure a DNS processing mode set be Network Manager.
++ rules:
++ - networkmanager_dns_mode
++ - var_networkmanager_dns_mode=explicit_default
++ status: automated
++
++ - id: RHEL-09-252045
++ levels:
++ - medium
++ title: RHEL 9 must not have unauthorized IP tunnels configured.
++ rules:
++ - libreswan_approved_tunnels
++ status: automated
++
++ - id: RHEL-09-252050
++ levels:
++ - medium
++ title: RHEL 9 must be configured to prevent unrestricted mail relaying.
++ rules:
++ - postfix_prevent_unrestricted_relay
++ status: automated
++
++ - id: RHEL-09-252060
++ levels:
++ - medium
++ title: RHEL 9 must forward mail from postmaster to the root account using a postfix alias.
++ rules:
++ - postfix_client_configure_mail_alias_postmaster
++ status: automated
++
++ - id: RHEL-09-252065
++ levels:
++ - medium
++ title: RHEL 9 libreswan package must be installed.
++ rules:
++ - package_libreswan_installed
++ status: automated
++
++ - id: RHEL-09-252070
++ levels:
++ - high
++ title: There must be no shosts.equiv files on RHEL 9.
++ rules:
++ - no_host_based_files
++ status: automated
++
++ - id: RHEL-09-252075
++ levels:
++ - high
++ title: There must be no .shosts files on RHEL 9.
++ rules:
++ - no_user_host_based_files
++ status: automated
++
++ - id: RHEL-09-253010
++ levels:
++ - medium
++ title: RHEL 9 must be configured to use TCP syncookies.
++ rules:
++ - sysctl_net_ipv4_tcp_syncookies
++ status: automated
++
++ - id: RHEL-09-253015
++ levels:
++ - medium
++ title: RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol
++ (ICMP) redirect messages.
++ rules:
++ - sysctl_net_ipv4_conf_all_accept_redirects
++ status: automated
++
++ - id: RHEL-09-253020
++ levels:
++ - medium
++ title: RHEL 9 must not forward Internet Protocol version 4 (IPv4) source-routed packets.
++ rules:
++ - sysctl_net_ipv4_conf_all_accept_source_route
++ status: automated
++
++ - id: RHEL-09-253025
++ levels:
++ - medium
++ title: RHEL 9 must log IPv4 packets with impossible addresses.
++ rules:
++ - sysctl_net_ipv4_conf_all_log_martians
++ status: automated
++
++ - id: RHEL-09-253030
++ levels:
++ - medium
++ title: RHEL 9 must log IPv4 packets with impossible addresses by default.
++ rules:
++ - sysctl_net_ipv4_conf_default_log_martians
++ status: automated
++
++ - id: RHEL-09-253035
++ levels:
++ - medium
++ title: RHEL 9 must use reverse path filtering on all IPv4 interfaces.
++ rules:
++ - sysctl_net_ipv4_conf_all_rp_filter
++ status: automated
++
++ - id: RHEL-09-253040
++ levels:
++ - medium
++ title: RHEL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from
++ being accepted.
++ rules:
++ - sysctl_net_ipv4_conf_default_accept_redirects
++ status: automated
++
++ - id: RHEL-09-253045
++ levels:
++ - medium
++ title: RHEL 9 must not forward IPv4 source-routed packets by default.
++ rules:
++ - sysctl_net_ipv4_conf_default_accept_source_route
++ status: automated
++
++ - id: RHEL-09-253050
++ levels:
++ - medium
++ title: RHEL 9 must use a reverse-path filter for IPv4 network traffic when possible by default.
++ rules:
++ - sysctl_net_ipv4_conf_default_rp_filter
++ status: automated
++
++ - id: RHEL-09-253055
++ levels:
++ - medium
++ title: RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast
++ address.
++ rules:
++ - sysctl_net_ipv4_icmp_echo_ignore_broadcasts
++ status: automated
++
++ - id: RHEL-09-253060
++ levels:
++ - medium
++ title: RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response
++ errors logs.
++ rules:
++ - sysctl_net_ipv4_icmp_ignore_bogus_error_responses
++ status: automated
++
++ - id: RHEL-09-253065
++ levels:
++ - medium
++ title: RHEL 9 must not send Internet Control Message Protocol (ICMP) redirects.
++ rules:
++ - sysctl_net_ipv4_conf_all_send_redirects
++ status: automated
++
++ - id: RHEL-09-253070
++ levels:
++ - medium
++ title: RHEL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects
++ by default.
++ rules:
++ - sysctl_net_ipv4_conf_default_send_redirects
++ status: automated
++
++ - id: RHEL-09-253075
++ levels:
++ - medium
++ title: RHEL 9 must not enable IPv4 packet forwarding unless the system is a router.
++ rules:
++ - sysctl_net_ipv4_conf_all_forwarding
++ status: automated
++
++ - id: RHEL-09-254010
++ levels:
++ - medium
++ title: RHEL 9 must not accept router advertisements on all IPv6 interfaces.
++ rules:
++ - sysctl_net_ipv6_conf_all_accept_ra
++ status: automated
++
++ - id: RHEL-09-254015
++ levels:
++ - medium
++ title: RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
++ rules:
++ - sysctl_net_ipv6_conf_all_accept_redirects
++ status: automated
++
++ - id: RHEL-09-254020
++ levels:
++ - medium
++ title: RHEL 9 must not forward IPv6 source-routed packets.
++ rules:
++ - sysctl_net_ipv6_conf_all_accept_source_route
++ status: automated
++
++ - id: RHEL-09-254025
++ levels:
++ - medium
++ title: RHEL 9 must not enable IPv6 packet forwarding unless the system is a router.
++ rules:
++ - sysctl_net_ipv6_conf_all_forwarding
++ status: automated
++
++ - id: RHEL-09-254030
++ levels:
++ - medium
++ title: RHEL 9 must not accept router advertisements on all IPv6 interfaces by default.
++ rules:
++ - sysctl_net_ipv6_conf_default_accept_ra
++ status: automated
++
++ - id: RHEL-09-254035
++ levels:
++ - medium
++ title: RHEL 9 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from
++ being accepted.
++ rules:
++ - sysctl_net_ipv6_conf_default_accept_redirects
++ status: automated
++
++ - id: RHEL-09-254040
++ levels:
++ - medium
++ title: RHEL 9 must not forward IPv6 source-routed packets by default.
++ rules:
++ - sysctl_net_ipv6_conf_default_accept_source_route
++ status: automated
++
++ - id: RHEL-09-255010
++ levels:
++ - medium
++ title: All RHEL 9 networked systems must have SSH installed.
++ rules:
++ - package_openssh-server_installed
++ status: automated
++
++ - id: RHEL-09-255015
++ levels:
++ - medium
++ title: All RHEL 9 networked systems must have and implement SSH to protect the confidentiality
++ and integrity of transmitted and received information, as well as information during preparation
++ for transmission.
++ rules:
++ - service_sshd_enabled
++ status: automated
++
++ - id: RHEL-09-255020
++ levels:
++ - medium
++ title: RHEL 9 must have the openssh-clients package installed.
++ rules: ++ - package_openssh-clients_installed ++ status: automated ++ ++ - id: RHEL-09-255025 ++ levels: ++ - medium ++ title: RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting ++ local or remote access to the system via a SSH logon. ++ rules: ++ - sshd_enable_warning_banner ++ status: automated ++ ++ - id: RHEL-09-255030 ++ levels: ++ - medium ++ title: RHEL 9 must log SSH connection attempts and failures to the server. ++ rules: ++ - sshd_set_loglevel_verbose ++ status: automated ++ ++ - id: RHEL-09-255035 ++ levels: ++ - medium ++ title: RHEL 9 SSHD must accept public key authentication. ++ rules: ++ - sshd_enable_pubkey_auth ++ status: automated ++ ++ - id: RHEL-09-255040 ++ levels: ++ - high ++ title: RHEL 9 SSHD must not allow blank passwords. ++ rules: ++ - sshd_disable_empty_passwords ++ status: automated ++ ++ - id: RHEL-09-255045 ++ levels: ++ - medium ++ title: RHEL 9 must not permit direct logons to the root account using remote access via SSH. ++ rules: ++ - sshd_disable_root_login ++ status: automated ++ ++ - id: RHEL-09-255050 ++ levels: ++ - high ++ title: RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. ++ rules: ++ - sshd_enable_pam ++ status: automated ++ ++ - id: RHEL-09-255055 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must be configured to use system-wide crypto policies. ++ rules: ++ - file_sshd_50_redhat_exists ++ - sshd_include_crypto_policy ++ status: automated ++ ++ - id: RHEL-09-255060 ++ levels: ++ - medium ++ title: RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of ++ SSH client connections. ++ rules: ++ - sshd_include_crypto_policy ++ status: automated ++ - id: RHEL-09-255064 ++ title: The RHEL 9 SSH client must be configured to use only DOD-approved encryption ciphers employing ++ FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client ++ connections. 
++ levels: ++ - medium ++ rules: ++ - harden_sshd_ciphers_openssh_conf_crypto_policy ++ - sshd_approved_ciphers=stig_rhel9 ++ - id: RHEL-09-255065 ++ levels: ++ - medium ++ title: RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of ++ SSH server connections. ++ rules: ++ - harden_sshd_ciphers_opensshserver_conf_crypto_policy ++ - sshd_approved_ciphers=stig_rhel9 ++ status: automated ++ - id: RHEL-09-255070 ++ levels: ++ - medium ++ title: The RHEL 9 SSH client must be configured to use only DOD-approved Message Authentication ++ Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality ++ of SSH client connections. ++ rules: ++ - harden_sshd_macs_openssh_conf_crypto_policy ++ - sshd_approved_macs=stig_rhel9 ++ ++ - id: RHEL-09-255075 ++ levels: ++ - medium ++ title: RHEL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing ++ FIPS 140-3 validated cryptographic hash algorithms. ++ status: automated ++ rules: ++ - harden_sshd_macs_opensshserver_conf_crypto_policy ++ - sshd_approved_macs=stig_rhel9 ++ ++ - id: RHEL-09-255080 ++ levels: ++ - medium ++ title: RHEL 9 must not allow a noncertificate trusted host SSH logon to the system. ++ rules: ++ - disable_host_auth ++ status: automated ++ ++ - id: RHEL-09-255085 ++ levels: ++ - medium ++ title: RHEL 9 must not allow users to override SSH environment variables. ++ rules: ++ - sshd_do_not_permit_user_env ++ status: automated ++ ++ - id: RHEL-09-255090 ++ levels: ++ - medium ++ title: RHEL 9 must force a frequent session key renegotiation for SSH connections to the server. ++ rules: ++ - sshd_rekey_limit ++ - var_rekey_limit_size=1G ++ - var_rekey_limit_time=1hour ++ status: automated ++ ++ - id: RHEL-09-255095 ++ levels: ++ - medium ++ title: RHEL 9 must be configured so that all network connections associated with SSH traffic terminate ++ after becoming unresponsive. 
++ rules: ++ - sshd_set_keepalive ++ - var_sshd_set_keepalive=1 ++ status: automated ++ ++ - id: RHEL-09-255100 ++ levels: ++ - medium ++ title: RHEL 9 must be configured so that all network connections associated with SSH traffic are ++ terminated after 10 minutes of becoming unresponsive. ++ rules: ++ - sshd_set_idle_timeout ++ - sshd_idle_timeout_value=10_minutes ++ status: automated ++ ++ - id: RHEL-09-255105 ++ levels: ++ - medium ++ title: RHEL 9 SSH server configuration file must be group-owned by root. ++ rules: ++ - file_groupowner_sshd_config ++ - directory_groupowner_sshd_config_d ++ - file_groupowner_sshd_drop_in_config ++ status: automated ++ ++ - id: RHEL-09-255110 ++ levels: ++ - medium ++ title: RHEL 9 SSH server configuration file must be owned by root. ++ rules: ++ - file_owner_sshd_config ++ - directory_owner_sshd_config_d ++ - file_owner_sshd_drop_in_config ++ status: automated ++ ++ - id: RHEL-09-255115 ++ levels: ++ - medium ++ title: RHEL 9 SSH server configuration file must have mode 0600 or less permissive. ++ rules: ++ - file_permissions_sshd_config ++ - directory_permissions_sshd_config_d ++ - file_permissions_sshd_drop_in_config ++ status: automated ++ ++ - id: RHEL-09-255120 ++ levels: ++ - medium ++ title: RHEL 9 SSH private host key files must have mode 0640 or less permissive. ++ rules: ++ - file_permissions_sshd_private_key ++ status: automated ++ ++ - id: RHEL-09-255125 ++ levels: ++ - medium ++ title: RHEL 9 SSH public host key files must have mode 0644 or less permissive. ++ rules: ++ - file_permissions_sshd_pub_key ++ status: automated ++ ++ - id: RHEL-09-255130 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must not allow compression or must only allow compression after successful ++ authentication. ++ rules: ++ - sshd_disable_compression ++ - var_sshd_disable_compression=no ++ status: automated ++ ++ - id: RHEL-09-255135 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must not allow GSSAPI authentication. 
++ rules: ++ - sshd_disable_gssapi_auth ++ status: automated ++ ++ - id: RHEL-09-255140 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must not allow Kerberos authentication. ++ rules: ++ - sshd_disable_kerb_auth ++ status: automated ++ ++ - id: RHEL-09-255145 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must not allow rhosts authentication. ++ rules: ++ - sshd_disable_rhosts ++ status: automated ++ ++ - id: RHEL-09-255150 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must not allow known hosts authentication. ++ rules: ++ - sshd_disable_user_known_hosts ++ status: automated ++ ++ - id: RHEL-09-255155 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must disable remote X connections for interactive users. ++ rules: ++ - sshd_disable_x11_forwarding ++ status: automated ++ ++ - id: RHEL-09-255160 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files. ++ rules: ++ - sshd_enable_strictmodes ++ status: automated ++ ++ - id: RHEL-09-255165 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must display the date and time of the last successful account logon upon ++ an SSH logon. ++ rules: ++ - sshd_print_last_log ++ status: automated ++ ++ - id: RHEL-09-255175 ++ levels: ++ - medium ++ title: RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. ++ rules: ++ - sshd_x11_use_localhost ++ status: automated ++ ++ - id: RHEL-09-271010 ++ levels: ++ - medium ++ title: RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting ++ local or remote access to the system via a graphical user logon. ++ rules: ++ - dconf_gnome_banner_enabled ++ status: automated ++ ++ - id: RHEL-09-271015 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the banner-message-enable setting for the graphical ++ user interface. 
++ rules: ++ - dconf_gnome_banner_enabled ++ status: automated ++ ++ - id: RHEL-09-271020 ++ levels: ++ - medium ++ title: RHEL 9 must disable the graphical user interface automount function unless required. ++ rules: ++ - dconf_gnome_disable_automount_open ++ status: automated ++ ++ - id: RHEL-09-271025 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the disabling of the graphical user interface ++ automount function. ++ rules: ++ - dconf_gnome_disable_automount_open ++ status: automated ++ ++ - id: RHEL-09-271030 ++ levels: ++ - medium ++ title: RHEL 9 must disable the graphical user interface autorun function unless required. ++ rules: ++ - dconf_gnome_disable_autorun ++ status: automated ++ ++ - id: RHEL-09-271035 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the disabling of the graphical user interface ++ autorun function. ++ rules: ++ - dconf_gnome_disable_autorun ++ status: automated ++ ++ - id: RHEL-09-271040 ++ levels: ++ - high ++ title: RHEL 9 must not allow unattended or automatic logon via the graphical user interface. ++ rules: ++ - gnome_gdm_disable_automatic_login ++ status: automated ++ ++ - id: RHEL-09-271045 ++ levels: ++ - medium ++ title: RHEL 9 must be able to initiate directly a session lock for all connection types using smart ++ card when the smart card is removed. ++ rules: ++ - dconf_gnome_lock_screen_on_smartcard_removal ++ status: automated ++ ++ - id: RHEL-09-271050 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card ++ removal action. ++ rules: ++ - dconf_gnome_lock_screen_on_smartcard_removal ++ status: automated ++ ++ - id: RHEL-09-271055 ++ levels: ++ - medium ++ title: RHEL 9 must enable a user session lock until that user re-establishes access using established ++ identification and authentication procedures for graphical user sessions. 
++ rules: ++ - dconf_gnome_screensaver_lock_enabled ++ status: automated ++ ++ - id: RHEL-09-271060 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the ++ graphical user interface. ++ rules: ++ - dconf_gnome_screensaver_lock_enabled ++ status: automated ++ ++ - id: RHEL-09-271065 ++ levels: ++ - medium ++ title: RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity. ++ rules: ++ - dconf_gnome_screensaver_idle_delay ++ status: automated ++ ++ - id: RHEL-09-271070 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the session idle-delay setting for the graphical ++ user interface. ++ rules: ++ - dconf_gnome_session_idle_user_locks ++ status: automated ++ ++ - id: RHEL-09-271075 ++ levels: ++ - medium ++ title: RHEL 9 must initiate a session lock for graphical user interfaces when the screensaver is ++ activated. ++ rules: ++ - dconf_gnome_screensaver_lock_delay ++ status: automated ++ ++ - id: RHEL-09-271080 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the session lock-delay setting for the graphical ++ user interface. ++ rules: ++ - dconf_gnome_screensaver_user_locks ++ status: automated ++ ++ - id: RHEL-09-271085 ++ levels: ++ - medium ++ title: RHEL 9 must conceal, via the session lock, information previously visible on the display ++ with a publicly viewable image. ++ rules: ++ - dconf_gnome_screensaver_mode_blank ++ status: automated ++ ++ - id: RHEL-09-271090 ++ levels: ++ - medium ++ title: RHEL 9 effective dconf policy must match the policy keyfiles. ++ rules: ++ - dconf_db_up_to_date ++ status: automated ++ ++ - id: RHEL-09-271095 ++ levels: ++ - medium ++ title: RHEL 9 must disable the ability of a user to restart the system from the login screen. 
++ rules: ++ - dconf_gnome_disable_restart_shutdown ++ status: automated ++ ++ - id: RHEL-09-271100 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical ++ user interface. ++ rules: ++ - dconf_gnome_disable_restart_shutdown ++ status: automated ++ ++ - id: RHEL-09-271105 ++ levels: ++ - medium ++ title: RHEL 9 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a ++ system to shut down or reboot. ++ rules: ++ - dconf_gnome_disable_ctrlaltdel_reboot ++ status: automated ++ ++ - id: RHEL-09-271110 ++ levels: ++ - medium ++ title: RHEL 9 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical ++ user interface. ++ rules: ++ - dconf_gnome_disable_ctrlaltdel_reboot ++ status: automated ++ ++ - id: RHEL-09-271115 ++ levels: ++ - medium ++ title: RHEL 9 must disable the user list at logon for graphical user interfaces. ++ rules: ++ - dconf_gnome_disable_user_list ++ status: automated ++ ++ - id: RHEL-09-291010 ++ levels: ++ - medium ++ title: RHEL 9 must be configured to disable USB mass storage. ++ rules: ++ - kernel_module_usb-storage_disabled ++ status: automated ++ ++ - id: RHEL-09-291015 ++ levels: ++ - medium ++ title: RHEL 9 must have the USBGuard package installed. ++ rules: ++ - package_usbguard_installed ++ status: automated ++ ++ - id: RHEL-09-291020 ++ levels: ++ - medium ++ title: RHEL 9 must have the USBGuard package enabled. ++ rules: ++ - service_usbguard_enabled ++ status: automated ++ ++ - id: RHEL-09-291025 ++ levels: ++ - low ++ title: RHEL 9 must enable Linux audit logging for the USBGuard daemon. ++ rules: ++ - configure_usbguard_auditbackend ++ status: automated ++ ++ - id: RHEL-09-291030 ++ levels: ++ - medium ++ title: RHEL 9 must block unauthorized peripherals before establishing a connection. 
++ rules: ++ - usbguard_generate_policy ++ status: automated ++ ++ - id: RHEL-09-291035 ++ levels: ++ - medium ++ title: RHEL 9 Bluetooth must be disabled. ++ rules: ++ - kernel_module_bluetooth_disabled ++ status: automated ++ ++ - id: RHEL-09-291040 ++ levels: ++ - medium ++ title: RHEL 9 wireless network adapters must be disabled. ++ rules: ++ - wireless_disable_interfaces ++ status: automated ++ ++ - id: RHEL-09-411010 ++ levels: ++ - medium ++ title: RHEL 9 user account passwords for new users or password changes must have a 60-day maximum ++ password lifetime restriction in /etc/login.defs. ++ rules: ++ - accounts_maximum_age_login_defs ++ status: automated ++ ++ - id: RHEL-09-411015 ++ levels: ++ - medium ++ title: RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction. ++ rules: ++ - accounts_password_set_max_life_existing ++ - var_accounts_maximum_age_login_defs=60 ++ status: automated ++ ++ - id: RHEL-09-411020 ++ levels: ++ - medium ++ title: All RHEL 9 local interactive user accounts must be assigned a home directory upon creation. ++ rules: ++ - accounts_have_homedir_login_defs ++ status: automated ++ ++ - id: RHEL-09-411025 ++ levels: ++ - medium ++ title: RHEL 9 must set the umask value to 077 for all local interactive user accounts. ++ rules: ++ - accounts_umask_interactive_users ++ - var_accounts_user_umask=077 ++ status: automated ++ ++ - id: RHEL-09-411030 ++ levels: ++ - medium ++ title: RHEL 9 duplicate User IDs (UIDs) must not exist for interactive users. ++ rules: ++ - account_unique_id ++ status: automated ++ ++ - id: RHEL-09-411035 ++ levels: ++ - medium ++ title: RHEL 9 system accounts must not have an interactive login shell. ++ rules: ++ - no_shelllogin_for_systemaccounts ++ status: automated ++ ++ - id: RHEL-09-411040 ++ levels: ++ - medium ++ title: RHEL 9 must automatically expire temporary accounts within 72 hours. 
++ rules: ++ - account_temp_expire_date ++ status: automated ++ ++ - id: RHEL-09-411045 ++ levels: ++ - medium ++ title: All RHEL 9 interactive users must have a primary group that exists. ++ rules: ++ - gid_passwd_group_same ++ status: automated ++ ++ - id: RHEL-09-411050 ++ levels: ++ - medium ++ title: RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after ++ 35 days of inactivity. ++ rules: ++ - account_disable_post_pw_expiration ++ - var_account_disable_post_pw_expiration=35 ++ status: automated ++ ++ - id: RHEL-09-411055 ++ levels: ++ - medium ++ title: Executable search paths within the initialization files of all local interactive RHEL 9 ++ users must only contain paths that resolve to the system default or the users home directory. ++ rules: ++ - accounts_user_home_paths_only ++ status: automated ++ ++ - id: RHEL-09-411060 ++ levels: ++ - medium ++ title: All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd ++ file. ++ rules: ++ - accounts_user_interactive_home_directory_defined ++ status: automated ++ ++ - id: RHEL-09-411065 ++ levels: ++ - medium ++ title: All RHEL 9 local interactive user home directories defined in the /etc/passwd file must ++ exist. ++ rules: ++ - accounts_user_interactive_home_directory_exists ++ status: automated ++ ++ - id: RHEL-09-411070 ++ levels: ++ - medium ++ title: All RHEL 9 local interactive user home directories must be group-owned by the home directory ++ owner's primary group. ++ rules: ++ - file_groupownership_home_directories ++ status: automated ++ ++ - id: RHEL-09-411075 ++ levels: ++ - medium ++ title: RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. 
++ rules: ++ - accounts_passwords_pam_faillock_deny ++ - var_accounts_passwords_pam_faillock_deny=3 ++ status: automated ++ ++ - id: RHEL-09-411080 ++ levels: ++ - medium ++ title: RHEL 9 must automatically lock the root account until the root account is released by an ++ administrator when three unsuccessful logon attempts occur during a 15-minute time period. ++ rules: ++ - accounts_passwords_pam_faillock_deny_root ++ status: automated ++ ++ - id: RHEL-09-411085 ++ levels: ++ - medium ++ title: RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during ++ a 15-minute time period. ++ rules: ++ - accounts_passwords_pam_faillock_interval ++ - var_accounts_passwords_pam_faillock_fail_interval=900 ++ status: automated ++ ++ - id: RHEL-09-411090 ++ levels: ++ - medium ++ title: RHEL 9 must maintain an account lock until the locked account is released by an administrator. ++ rules: ++ - accounts_passwords_pam_faillock_unlock_time ++ - var_accounts_passwords_pam_faillock_unlock_time=never ++ status: automated ++ ++ - id: RHEL-09-411095 ++ levels: ++ - medium ++ title: RHEL 9 must not have unauthorized accounts. ++ rules: ++ - accounts_authorized_local_users ++ - var_accounts_authorized_local_users_regex=rhel9 ++ status: automated ++ ++ - id: RHEL-09-411100 ++ levels: ++ - high ++ title: The root account must be the only account having unrestricted access to RHEL 9 system. ++ rules: ++ - accounts_no_uid_except_zero ++ status: automated ++ ++ - id: RHEL-09-411105 ++ levels: ++ - medium ++ title: RHEL 9 must ensure account lockouts persist. ++ rules: ++ - accounts_passwords_pam_faillock_dir ++ status: automated ++ ++ - id: RHEL-09-411110 ++ levels: ++ - medium ++ title: RHEL 9 groups must have unique Group ID (GID). ++ rules: ++ - group_unique_id ++ status: automated ++ ++ - id: RHEL-09-411115 ++ levels: ++ - medium ++ title: Local RHEL 9 initialization files must not execute world-writable programs. 
++ rules: ++ - accounts_user_dot_no_world_writable_programs ++ status: automated ++ ++ - id: RHEL-09-412035 ++ levels: ++ - medium ++ title: RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes ++ of inactivity. ++ rules: ++ - accounts_tmout ++ - var_accounts_tmout=10_min ++ status: automated ++ ++ - id: RHEL-09-412040 ++ levels: ++ - low ++ title: RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account ++ types. ++ rules: ++ - accounts_max_concurrent_login_sessions ++ - var_accounts_max_concurrent_login_sessions=10 ++ status: automated ++ ++ - id: RHEL-09-412045 ++ levels: ++ - medium ++ title: RHEL 9 must log username information when unsuccessful logon attempts occur. ++ rules: ++ - accounts_passwords_pam_faillock_audit ++ status: automated ++ ++ - id: RHEL-09-412050 ++ levels: ++ - medium ++ title: RHEL 9 must enforce a delay of at least four seconds between logon prompts following a failed ++ logon attempt. ++ rules: ++ - accounts_logon_fail_delay ++ - var_accounts_fail_delay=4 ++ status: automated ++ ++ - id: RHEL-09-412055 ++ levels: ++ - medium ++ title: RHEL 9 must define default permissions for the bash shell. ++ rules: ++ - accounts_umask_etc_bashrc ++ status: automated ++ ++ - id: RHEL-09-412060 ++ levels: ++ - medium ++ title: RHEL 9 must define default permissions for the c shell. ++ rules: ++ - accounts_umask_etc_csh_cshrc ++ status: automated ++ ++ - id: RHEL-09-412065 ++ levels: ++ - medium ++ title: RHEL 9 must define default permissions for all authenticated users in such a way that the ++ user can only read and modify their own files. ++ rules: ++ - accounts_umask_etc_login_defs ++ status: automated ++ ++ - id: RHEL-09-412070 ++ levels: ++ - medium ++ title: RHEL 9 must define default permissions for the system default profile. 
++ rules: ++ - accounts_umask_etc_profile ++ status: automated ++ ++ - id: RHEL-09-412075 ++ levels: ++ - low ++ title: RHEL 9 must display the date and time of the last successful account logon upon logon. ++ rules: ++ - display_login_attempts ++ status: automated ++ ++ - id: RHEL-09-412080 ++ levels: ++ - medium ++ title: RHEL 9 must terminate idle user sessions. ++ rules: ++ - logind_session_timeout ++ - var_logind_session_timeout=15_minutes ++ status: automated ++ ++ - id: RHEL-09-431010 ++ levels: ++ - high ++ title: RHEL 9 must use a Linux Security Module configured to enforce limits on system services. ++ rules: ++ - selinux_state ++ - var_selinux_state=enforcing ++ status: automated ++ ++ - id: RHEL-09-431015 ++ levels: ++ - medium ++ title: RHEL 9 must enable the SELinux targeted policy. ++ rules: ++ - selinux_policytype ++ - var_selinux_policy_name=targeted ++ status: automated ++ ++ - id: RHEL-09-431016 ++ title: 'RHEL 9 must elevate the SELinux context when an administrator calls the sudo command.' ++ rules: ++ - selinux_context_elevation_for_sudo ++ status: automated ++ ++ - id: RHEL-09-431020 ++ levels: ++ - medium ++ title: RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally ++ directory. ++ rules: ++ - account_password_selinux_faillock_dir ++ status: automated ++ ++ - id: RHEL-09-431025 ++ levels: ++ - medium ++ title: RHEL 9 must have policycoreutils package installed. ++ rules: ++ - package_policycoreutils_installed ++ status: automated ++ ++ - id: RHEL-09-431030 ++ levels: ++ - medium ++ title: RHEL 9 policycoreutils-python-utils package must be installed. ++ rules: ++ - package_policycoreutils-python-utils_installed ++ status: automated ++ ++ - id: RHEL-09-432010 ++ levels: ++ - medium ++ title: RHEL 9 must have the sudo package installed. 
++ rules: ++ - package_sudo_installed ++ status: automated ++ ++ - id: RHEL-09-432015 ++ levels: ++ - medium ++ title: RHEL 9 must require reauthentication when using the "sudo" command. ++ rules: ++ - sudo_require_reauthentication ++ - var_sudo_timestamp_timeout=always_prompt ++ status: automated ++ ++ - id: RHEL-09-432020 ++ levels: ++ - medium ++ title: RHEL 9 must use the invoking user's password for privilege escalation when using "sudo". ++ rules: ++ - sudoers_validate_passwd ++ status: automated ++ ++ - id: RHEL-09-432025 ++ levels: ++ - medium ++ title: RHEL 9 must require users to reauthenticate for privilege escalation. ++ rules: ++ - sudo_remove_no_authenticate ++ status: automated ++ ++ - id: RHEL-09-432030 ++ levels: ++ - medium ++ title: RHEL 9 must restrict privilege elevation to authorized personnel. ++ rules: ++ - sudo_restrict_privilege_elevation_to_authorized ++ status: automated ++ ++ - id: RHEL-09-432035 ++ levels: ++ - medium ++ title: RHEL 9 must restrict the use of the "su" command. ++ rules: ++ - use_pam_wheel_for_su ++ status: automated ++ ++ - id: RHEL-09-433010 ++ levels: ++ - medium ++ title: RHEL 9 fapolicy module must be installed. ++ rules: ++ - package_fapolicyd_installed ++ status: automated ++ ++ - id: RHEL-09-433015 ++ levels: ++ - medium ++ title: RHEL 9 fapolicy module must be enabled. ++ rules: ++ - service_fapolicyd_enabled ++ status: automated ++ ++ - id: RHEL-09-433016 ++ levels: ++ - medium ++ title: The RHEL 9 fapolicy module must be configured to employ a deny-all, permit-by-exception ++ policy to allow the execution of authorized software programs. ++ rules: ++ - fapolicy_default_deny ++ status: automated ++ ++ - id: RHEL-09-611010 ++ levels: ++ - medium ++ title: RHEL 9 must ensure the password complexity module in the system-auth file is configured ++ for three retries or less. 
++ rules: ++ - accounts_password_pam_pwquality_retry ++ - var_password_pam_retry=3 ++ status: automated ++ ++ - id: RHEL-09-611025 ++ levels: ++ - high ++ title: RHEL 9 must not allow blank or null passwords. ++ rules: ++ - no_empty_passwords ++ status: automated ++ ++ - id: RHEL-09-611030 ++ levels: ++ - medium ++ title: RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth ++ file. ++ rules: ++ - account_password_pam_faillock_system_auth ++ status: automated ++ ++ - id: RHEL-09-611035 ++ levels: ++ - medium ++ title: RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth ++ file. ++ rules: ++ - account_password_pam_faillock_password_auth ++ status: automated ++ ++ - id: RHEL-09-611040 ++ levels: ++ - medium ++ title: RHEL 9 must ensure the password complexity module is enabled in the password-auth file. ++ rules: ++ - accounts_password_pam_pwquality_password_auth ++ status: automated ++ ++ - id: RHEL-09-611045 ++ levels: ++ - medium ++ title: RHEL 9 must ensure the password complexity module is enabled in the system-auth file. ++ rules: ++ - accounts_password_pam_pwquality_system_auth ++ status: automated ++ ++ - id: RHEL-09-611050 ++ levels: ++ - medium ++ title: RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. ++ rules: ++ - accounts_password_pam_unix_rounds_password_auth ++ - var_password_pam_unix_rounds=100000 ++ status: automated ++ ++ - id: RHEL-09-611055 ++ levels: ++ - medium ++ title: RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. ++ rules: ++ - accounts_password_pam_unix_rounds_system_auth ++ status: automated ++ ++ - id: RHEL-09-611060 ++ levels: ++ - medium ++ title: RHEL 9 must enforce password complexity rules for the root account. 
++ rules: ++ - accounts_password_pam_enforce_root ++ status: automated ++ ++ - id: RHEL-09-611065 ++ levels: ++ - medium ++ title: RHEL 9 must enforce password complexity by requiring that at least one lowercase character ++ be used. ++ rules: ++ - accounts_password_pam_lcredit ++ - var_password_pam_lcredit=1 ++ status: automated ++ ++ - id: RHEL-09-611070 ++ levels: ++ - medium ++ title: RHEL 9 must enforce password complexity by requiring that at least one numeric character ++ be used. ++ rules: ++ - accounts_password_pam_dcredit ++ - var_password_pam_dcredit=1 ++ status: automated ++ ++ - id: RHEL-09-611075 ++ levels: ++ - medium ++ title: RHEL 9 passwords for new users or password changes must have a 24 hours minimum password ++ lifetime restriction in /etc/login.defs. ++ rules: ++ - accounts_minimum_age_login_defs ++ status: automated ++ ++ - id: RHEL-09-611080 ++ levels: ++ - medium ++ title: RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow. ++ rules: ++ - accounts_password_set_min_life_existing ++ - var_accounts_minimum_age_login_defs=1 ++ status: automated ++ ++ - id: RHEL-09-611085 ++ levels: ++ - medium ++ title: RHEL 9 must require users to provide a password for privilege escalation. ++ rules: ++ - sudo_remove_nopasswd ++ status: automated ++ ++ - id: RHEL-09-611090 ++ levels: ++ - medium ++ title: RHEL 9 passwords must be created with a minimum of 15 characters. ++ rules: ++ - accounts_password_pam_minlen ++ - var_password_pam_minlen=15 ++ status: automated ++ ++ - id: RHEL-09-611100 ++ levels: ++ - medium ++ title: RHEL 9 must enforce password complexity by requiring that at least one special character ++ be used. ++ rules: ++ - accounts_password_pam_ocredit ++ - var_password_pam_ocredit=1 ++ status: automated ++ ++ - id: RHEL-09-611105 ++ levels: ++ - medium ++ title: RHEL 9 must prevent the use of dictionary words for passwords. 
++ rules: ++ - accounts_password_pam_dictcheck ++ - var_password_pam_dictcheck=1 ++ status: automated ++ ++ - id: RHEL-09-611110 ++ levels: ++ - medium ++ title: RHEL 9 must enforce password complexity by requiring that at least one uppercase character ++ be used. ++ rules: ++ - accounts_password_pam_ucredit ++ - var_password_pam_ucredit=1 ++ status: automated ++ ++ - id: RHEL-09-611115 ++ levels: ++ - medium ++ title: RHEL 9 must require the change of at least eight characters when passwords are changed. ++ rules: ++ - accounts_password_pam_difok ++ - var_password_pam_difok=8 ++ status: automated ++ ++ - id: RHEL-09-611120 ++ levels: ++ - medium ++ title: RHEL 9 must require the maximum number of repeating characters of the same character class ++ be limited to four when passwords are changed. ++ rules: ++ - accounts_password_pam_maxclassrepeat ++ - var_password_pam_maxclassrepeat=4 ++ status: automated ++ ++ - id: RHEL-09-611125 ++ levels: ++ - medium ++ title: RHEL 9 must require the maximum number of repeating characters be limited to three when ++ passwords are changed. ++ rules: ++ - accounts_password_pam_maxrepeat ++ - var_password_pam_maxrepeat=3 ++ status: automated ++ ++ - id: RHEL-09-611130 ++ levels: ++ - medium ++ title: RHEL 9 must require the change of at least four character classes when passwords are changed. ++ rules: ++ - accounts_password_pam_minclass ++ - var_password_pam_minclass=4 ++ status: automated ++ ++ - id: RHEL-09-611135 ++ levels: ++ - medium ++ title: RHEL 9 must be configured so that user and group account administration utilities are configured ++ to store only encrypted representations of passwords. ++ rules: ++ - set_password_hashing_algorithm_libuserconf ++ - var_password_hashing_algorithm_pam=sha512 ++ status: automated ++ ++ - id: RHEL-09-611140 ++ levels: ++ - medium ++ title: RHEL 9 must be configured to use the shadow file to store only encrypted representations ++ of passwords. 
++ rules: ++ - set_password_hashing_algorithm_logindefs ++ - var_password_hashing_algorithm=SHA512 ++ status: automated ++ ++ - id: RHEL-09-611145 ++ levels: ++ - medium ++ title: RHEL 9 must not be configured to bypass password requirements for privilege escalation. ++ rules: ++ - disallow_bypass_password_sudo ++ status: automated ++ ++ - id: RHEL-09-611155 ++ levels: ++ - medium ++ title: RHEL 9 must not have accounts configured with blank or null passwords. ++ rules: ++ - no_empty_passwords_etc_shadow ++ status: automated ++ ++ - id: RHEL-09-611160 ++ levels: ++ - medium ++ title: RHEL 9 must use the CAC smart card driver. ++ rules: ++ - configure_opensc_card_drivers ++ - var_smartcard_drivers=cac ++ status: automated ++ ++ - id: RHEL-09-611165 ++ levels: ++ - medium ++ title: RHEL 9 must enable certificate based smart card authentication. ++ rules: ++ - sssd_enable_smartcards ++ status: automated ++ ++ - id: RHEL-09-611170 ++ levels: ++ - medium ++ title: RHEL 9 must implement certificate status checking for multifactor authentication. ++ rules: ++ - sssd_certificate_verification ++ - var_sssd_certificate_verification_digest_function=sha512 ++ status: automated ++ ++ - id: RHEL-09-611175 ++ levels: ++ - medium ++ title: RHEL 9 must have the pcsc-lite package installed. ++ rules: ++ - package_pcsc-lite_installed ++ status: automated ++ ++ - id: RHEL-09-611180 ++ levels: ++ - medium ++ title: The pcscd service on RHEL 9 must be active. ++ rules: ++ - service_pcscd_enabled ++ status: automated ++ ++ - id: RHEL-09-611185 ++ levels: ++ - medium ++ title: RHEL 9 must have the opensc package installed. ++ rules: ++ - package_opensc_installed ++ status: automated ++ ++ - id: RHEL-09-611190 ++ levels: ++ - medium ++ title: RHEL 9, for PKI-based authentication, must enforce authorized access to the corresponding ++ private key. 
++ rules:
++ - ssh_keys_passphrase_protected
++ status: automated
++
++ - id: RHEL-09-611195
++ levels:
++ - medium
++ title: RHEL 9 must require authentication to access emergency mode.
++ rules:
++ - require_emergency_target_auth
++ status: automated
++
++ - id: RHEL-09-611200
++ levels:
++ - medium
++ title: RHEL 9 must require authentication to access single-user mode.
++ rules:
++ - require_singleuser_auth
++ status: automated
++
++ - id: RHEL-09-631010
++ levels:
++ - medium
++ title: RHEL 9, for PKI-based authentication, must validate certificates by constructing a certification
++ path (which includes status information) to an accepted trust anchor.
++ rules:
++ - sssd_has_trust_anchor
++ status: automated
++
++ - id: RHEL-09-631015
++ levels:
++ - medium
++ title: RHEL 9 must map the authenticated identity to the user or group account for PKI-based authentication.
++ rules:
++ - sssd_enable_certmap
++ status: automated
++
++ - id: RHEL-09-631020
++ levels:
++ - medium
++ title: RHEL 9 must prohibit the use of cached authenticators after one day.
++ rules:
++ - sssd_offline_cred_expiration
++ status: automated
++
++ - id: RHEL-09-651010
++ levels:
++ - medium
++ title: RHEL 9 must have the AIDE package installed.
++ rules:
++ - package_aide_installed
++ - aide_build_database
++ status: automated
++
++ - id: RHEL-09-651015
++ levels:
++ - medium
++ title: RHEL 9 must routinely check the baseline configuration for unauthorized changes and notify
++ the system administrator when anomalies in the operation of any security functions are discovered.
++ rules:
++ - aide_scan_notification
++ status: automated
++
++ - id: RHEL-09-651020
++ levels:
++ - medium
++ title: RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic
++ hashes for validating file contents and directories.
++ rules:
++ - aide_use_fips_hashes
++ status: automated
++
++ - id: RHEL-09-651025
++ levels:
++ - medium
++ title: RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.
++ rules:
++ - aide_check_audit_tools
++ status: automated
++
++ - id: RHEL-09-651030
++ levels:
++ - low
++ title: RHEL 9 must be configured so that the file integrity tool verifies Access Control Lists
++ (ACLs).
++ rules:
++ - aide_verify_acls
++ status: automated
++
++ - id: RHEL-09-651035
++ levels:
++ - low
++ title: RHEL 9 must be configured so that the file integrity tool verifies extended attributes.
++ rules:
++ - aide_verify_ext_attributes
++ status: automated
++
++ - id: RHEL-09-652010
++ levels:
++ - medium
++ title: RHEL 9 must have the rsyslog package installed.
++ rules:
++ - package_rsyslog_installed
++ status: automated
++
++ - id: RHEL-09-652015
++ levels:
++ - medium
++ title: RHEL 9 must have the packages required for encrypting offloaded audit logs installed.
++ rules:
++ - package_rsyslog-gnutls_installed
++ status: automated
++
++ - id: RHEL-09-652020
++ levels:
++ - medium
++ title: The rsyslog service on RHEL 9 must be active.
++ rules:
++ - service_rsyslog_enabled
++ status: automated
++
++ - id: RHEL-09-652025
++ levels:
++ - medium
++ title: RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other
++ servers unless the server is being used for log aggregation.
++ rules:
++ - rsyslog_nolisten
++ status: automated
++
++ - id: RHEL-09-652030
++ levels:
++ - medium
++ title: All RHEL 9 remote access methods must be monitored.
++ rules:
++ - rsyslog_remote_access_monitoring
++ status: automated
++
++ - id: RHEL-09-652040
++ levels:
++ - medium
++ title: RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog.
++ rules:
++ - rsyslog_encrypt_offload_actionsendstreamdriverauthmode
++ status: automated
++
++ - id: RHEL-09-652045
++ levels:
++ - medium
++ title: RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media
++ from the system being audited via rsyslog.
++ rules:
++ - rsyslog_encrypt_offload_actionsendstreamdrivermode
++ status: automated
++
++ - id: RHEL-09-652050
++ levels:
++ - medium
++ title: RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different
++ system or media from the system being audited via rsyslog.
++ rules:
++ - rsyslog_encrypt_offload_defaultnetstreamdriver
++ status: automated
++
++ - id: RHEL-09-652055
++ levels:
++ - medium
++ title: RHEL 9 must be configured to forward audit records via TCP to a different system or media
++ from the system being audited via rsyslog.
++ rules:
++ - rsyslog_remote_loghost
++ status: automated
++
++ - id: RHEL-09-652060
++ levels:
++ - medium
++ title: RHEL 9 must use cron logging.
++ rules:
++ - rsyslog_cron_logging
++ status: automated
++
++ - id: RHEL-09-653010
++ levels:
++ - medium
++ title: RHEL 9 audit package must be installed.
++ rules:
++ - package_audit_installed
++ status: automated
++
++ - id: RHEL-09-653015
++ levels:
++ - medium
++ title: RHEL 9 audit service must be enabled.
++ rules:
++ - service_auditd_enabled
++ status: automated
++
++ - id: RHEL-09-653020
++ levels:
++ - medium
++ title: RHEL 9 audit system must take appropriate action when an error writing to the audit storage
++ volume occurs.
++ rules:
++ - auditd_data_disk_error_action_stig
++ - var_auditd_disk_error_action=halt
++ status: automated
++
++ - id: RHEL-09-653025
++ levels:
++ - medium
++ title: RHEL 9 audit system must take appropriate action when the audit storage volume is full.
++ rules:
++ - auditd_data_disk_full_action_stig
++ - var_auditd_disk_full_action=halt
++ status: automated
++
++ - id: RHEL-09-653030
++ levels:
++ - medium
++ title: RHEL 9 must allocate audit record storage capacity to store at least one week's worth of
++ audit records.
++ rules:
++ - auditd_audispd_configure_sufficiently_large_partition
++ status: automated
++
++ - id: RHEL-09-653035
++ levels:
++ - medium
++ title: RHEL 9 must take action when allocated audit record storage volume reaches 75 percent of
++ the repository maximum audit record storage capacity.
++ rules:
++ - auditd_data_retention_space_left_percentage
++ - var_auditd_space_left_percentage=25pc
++ status: automated
++
++ - id: RHEL-09-653040
++ levels:
++ - medium
++ title: RHEL 9 must notify the system administrator (SA) and information system security officer
++ (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
++ rules:
++ - auditd_data_retention_space_left_action
++ - var_auditd_space_left_action=email
++ status: automated
++
++ - id: RHEL-09-653045
++ levels:
++ - medium
++ title: RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of
++ the audit record storage capacity.
++ rules:
++ - auditd_data_retention_admin_space_left_percentage
++ - var_auditd_admin_space_left_percentage=5pc
++ status: automated
++
++ - id: RHEL-09-653050
++ levels:
++ - medium
++ title: RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of
++ the repository maximum audit record storage capacity.
++ rules:
++ - auditd_data_retention_admin_space_left_action
++ - var_auditd_admin_space_left_action=single
++ status: automated
++
++ - id: RHEL-09-653055
++ levels:
++ - medium
++ title: RHEL 9 audit system must take appropriate action when the audit files have reached maximum
++ size.
++ rules:
++ - auditd_data_retention_max_log_file_action_stig
++ - var_auditd_max_log_file_action=rotate
++ status: automated
++
++ - id: RHEL-09-653060
++ levels:
++ - medium
++ title: RHEL 9 must label all offloaded audit logs before sending them to the central log server.
++ rules:
++ - auditd_name_format
++ - var_auditd_name_format=stig
++ status: automated
++
++ - id: RHEL-09-653065
++ levels:
++ - medium
++ title: RHEL 9 must take appropriate action when the internal event queue is full.
++ rules:
++ - auditd_overflow_action
++ status: automated
++
++ - id: RHEL-09-653070
++ levels:
++ - medium
++ title: RHEL 9 System Administrator (SA) and/or information system security officer (ISSO) (at a
++ minimum) must be alerted of an audit processing failure event.
++ rules:
++ - auditd_data_retention_action_mail_acct
++ - var_auditd_action_mail_acct=root
++ status: automated
++
++ - id: RHEL-09-653075
++ levels:
++ - medium
++ title: RHEL 9 audit system must audit local events.
++ rules:
++ - auditd_local_events
++ status: automated
++
++ - id: RHEL-09-653080
++ levels:
++ - medium
++ title: RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent
++ unauthorized read access.
++ rules:
++ - directory_group_ownership_var_log_audit
++ status: automated
++
++ - id: RHEL-09-653085
++ levels:
++ - medium
++ title: RHEL 9 audit log directory must be owned by root to prevent unauthorized read access.
++ rules:
++ - directory_ownership_var_log_audit
++ status: automated
++
++ - id: RHEL-09-653090
++ levels:
++ - medium
++ title: RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access
++ to the audit log.
++ rules:
++ - file_permissions_var_log_audit
++ status: automated
++
++ - id: RHEL-09-653095
++ levels:
++ - medium
++ title: RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records.
++ rules:
++ - auditd_freq
++ - var_auditd_freq=100
++ status: automated
++
++ - id: RHEL-09-653100
++ levels:
++ - medium
++ title: RHEL 9 must produce audit records containing information to establish the identity of any
++ individual or process associated with the event.
++ rules:
++ - auditd_log_format
++ status: automated
++
++ - id: RHEL-09-653105
++ levels:
++ - medium
++ title: RHEL 9 must write audit records to disk.
++ rules:
++ - auditd_write_logs
++ status: automated
++
++ - id: RHEL-09-653110
++ levels:
++ - medium
++ title: RHEL 9 must allow only the information system security manager (ISSM) (or individuals or
++ roles appointed by the ISSM) to select which auditable events are to be audited.
++ rules:
++ - file_permissions_audit_configuration
++ status: automated
++
++ - id: RHEL-09-653115
++ levels:
++ - medium
++ title: RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized
++ access.
++ rules:
++ - file_permissions_etc_audit_auditd
++ status: automated
++
++ - id: RHEL-09-653120
++ levels:
++ - low
++ title: RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that
++ start prior to the audit daemon.
++ rules:
++ - grub2_audit_backlog_limit_argument
++ - var_audit_backlog_limit=8192
++ status: automated
++
++ - id: RHEL-09-653125
++ levels:
++ - medium
++ title: RHEL 9 must have mail aliases to notify the information system security officer (ISSO) and
++ system administrator (SA) (at a minimum) in the event of an audit processing failure.
++ rules:
++ - postfix_client_configure_mail_alias
++ status: automated
++
++ - id: RHEL-09-653130
++ levels:
++ - medium
++ title: RHEL 9 audispd-plugins package must be installed.
++ rules:
++ - package_audispd-plugins_installed
++ status: automated
++
++ - id: RHEL-09-654010
++ levels:
++ - medium
++ title: RHEL 9 must audit uses of the "execve" system call.
++ rules:
++ - audit_rules_suid_privilege_function
++ status: automated
++
++ - id: RHEL-09-654015
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls.
++ rules:
++ - audit_rules_dac_modification_chmod
++ - audit_rules_dac_modification_fchmod
++ - audit_rules_dac_modification_fchmodat
++ status: automated
++
++ - id: RHEL-09-654020
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls.
++ rules:
++ - audit_rules_dac_modification_chown
++ - audit_rules_dac_modification_fchown
++ - audit_rules_dac_modification_fchownat
++ - audit_rules_dac_modification_lchown
++ status: automated
++
++ - id: RHEL-09-654025
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr,
++ and lremovexattr system calls.
++ rules:
++ - audit_rules_dac_modification_setxattr
++ - audit_rules_dac_modification_fsetxattr
++ - audit_rules_dac_modification_lsetxattr
++ - audit_rules_dac_modification_removexattr
++ - audit_rules_dac_modification_fremovexattr
++ - audit_rules_dac_modification_lremovexattr
++ status: automated
++
++ - id: RHEL-09-654030
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of umount system calls.
++ rules:
++ - audit_rules_privileged_commands_umount
++ status: automated
++
++ - id: RHEL-09-654035
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chacl command.
++ rules:
++ - audit_rules_execution_chacl
++ status: automated
++
++ - id: RHEL-09-654040
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the setfacl command.
++ rules:
++ - audit_rules_execution_setfacl
++ status: automated
++
++ - id: RHEL-09-654045
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chcon command.
++ rules:
++ - audit_rules_execution_chcon
++ status: automated
++
++ - id: RHEL-09-654050
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the semanage command.
++ rules:
++ - audit_rules_execution_semanage
++ status: automated
++
++ - id: RHEL-09-654055
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the setfiles command.
++ rules:
++ - audit_rules_execution_setfiles
++ status: automated
++
++ - id: RHEL-09-654060
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the setsebool command.
++ rules:
++ - audit_rules_execution_setsebool
++ status: automated
++
++ - id: RHEL-09-654065
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls.
++ rules:
++ - audit_rules_file_deletion_events_rename
++ - audit_rules_file_deletion_events_unlink
++ - audit_rules_file_deletion_events_rmdir
++ - audit_rules_file_deletion_events_renameat
++ - audit_rules_file_deletion_events_unlinkat
++ status: automated
++
++ - id: RHEL-09-654070
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at
++ system calls.
++ rules:
++ - audit_rules_unsuccessful_file_modification_creat
++ - audit_rules_unsuccessful_file_modification_truncate
++ - audit_rules_unsuccessful_file_modification_ftruncate
++ - audit_rules_unsuccessful_file_modification_open
++ - audit_rules_unsuccessful_file_modification_openat
++ - audit_rules_unsuccessful_file_modification_open_by_handle_at
++ status: automated
++
++ - id: RHEL-09-654075
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the delete_module system call.
++ rules:
++ - audit_rules_kernel_module_loading_delete
++ status: automated
++
++ - id: RHEL-09-654080
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the init_module and finit_module system calls.
++ rules:
++ - audit_rules_kernel_module_loading_finit
++ - audit_rules_kernel_module_loading_init
++ status: automated
++
++ - id: RHEL-09-654085
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chage command.
++ rules:
++ - audit_rules_privileged_commands_chage
++ status: automated
++
++ - id: RHEL-09-654090
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the chsh command.
++ rules:
++ - audit_rules_privileged_commands_chsh
++ status: automated
++
++ - id: RHEL-09-654095
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the crontab command.
++ rules:
++ - audit_rules_privileged_commands_crontab
++ status: automated
++
++ - id: RHEL-09-654096
++ title: RHEL 9 must audit any script or executable called by cron as root or by any privileged user.
++ rules:
++ - audit_rules_etc_cron_d
++ - audit_rules_var_spool_cron
++ status: automated
++
++ - id: RHEL-09-654100
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the gpasswd command.
++ rules:
++ - audit_rules_privileged_commands_gpasswd
++ status: automated
++
++ - id: RHEL-09-654105
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the kmod command.
++ rules:
++ - audit_rules_privileged_commands_kmod
++ status: automated
++
++ - id: RHEL-09-654110
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the newgrp command.
++ rules:
++ - audit_rules_privileged_commands_newgrp
++ status: automated
++
++ - id: RHEL-09-654115
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the pam_timestamp_check command.
++ rules:
++ - audit_rules_privileged_commands_pam_timestamp_check
++ status: automated
++
++ - id: RHEL-09-654120
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the passwd command.
++ rules:
++ - audit_rules_privileged_commands_passwd
++ status: automated
++
++ - id: RHEL-09-654125
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the postdrop command.
++ rules:
++ - audit_rules_privileged_commands_postdrop
++ status: automated
++
++ - id: RHEL-09-654130
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the postqueue command.
++ rules:
++ - audit_rules_privileged_commands_postqueue
++ status: automated
++
++ - id: RHEL-09-654135
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the ssh-agent command.
++ rules:
++ - audit_rules_privileged_commands_ssh_agent
++ status: automated
++
++ - id: RHEL-09-654140
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the ssh-keysign command.
++ rules:
++ - audit_rules_privileged_commands_ssh_keysign
++ status: automated
++
++ - id: RHEL-09-654145
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the su command.
++ rules:
++ - audit_rules_privileged_commands_su
++ status: automated
++
++ - id: RHEL-09-654150
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the sudo command.
++ rules:
++ - audit_rules_privileged_commands_sudo
++ status: automated
++
++ - id: RHEL-09-654155
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the sudoedit command.
++ rules:
++ - audit_rules_privileged_commands_sudoedit
++ status: automated
++
++ - id: RHEL-09-654160
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the unix_chkpwd command.
++ rules:
++ - audit_rules_privileged_commands_unix_chkpwd
++ status: automated
++
++ - id: RHEL-09-654165
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the unix_update command.
++ rules:
++ - audit_rules_privileged_commands_unix_update
++ status: automated
++
++ - id: RHEL-09-654170
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the userhelper command.
++ rules:
++ - audit_rules_privileged_commands_userhelper
++ status: automated
++
++ - id: RHEL-09-654175
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the usermod command.
++ rules:
++ - audit_rules_privileged_commands_usermod
++ status: automated
++
++ - id: RHEL-09-654180
++ levels:
++ - medium
++ title: RHEL 9 must audit all uses of the mount command.
++ rules:
++ - audit_rules_privileged_commands_mount
++ status: automated
++
++ - id: RHEL-09-654185
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record.
++ rules:
++ - audit_privileged_commands_init
++ status: automated
++
++ - id: RHEL-09-654190
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record.
++ rules:
++ - audit_privileged_commands_poweroff
++ status: automated
++
++ - id: RHEL-09-654195
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record.
++ rules:
++ - audit_privileged_commands_reboot
++ status: automated
++
++ - id: RHEL-09-654200
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record.
++ rules:
++ - audit_privileged_commands_shutdown
++ status: automated
++
++ - id: RHEL-09-654205
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the umount system call in RHEL 9 must generate an audit
++ record.
++ rules:
++ - audit_rules_dac_modification_umount
++ status: automated
++
++ - id: RHEL-09-654210
++ levels:
++ - medium
++ title: Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit
++ record.
++ rules:
++ - audit_rules_dac_modification_umount2
++ status: automated
++
++ - id: RHEL-09-654215
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/sudoers.
++ rules:
++ - audit_rules_sudoers
++ status: automated
++
++ - id: RHEL-09-654220
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/sudoers.d/ directory.
++ rules:
++ - audit_rules_sudoers_d
++ status: automated
++
++ - id: RHEL-09-654225
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/group.
++ rules:
++ - audit_rules_usergroup_modification_group
++ status: automated
++
++ - id: RHEL-09-654230
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/gshadow.
++ rules:
++ - audit_rules_usergroup_modification_gshadow
++ status: automated
++
++ - id: RHEL-09-654235
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/opasswd.
++ rules:
++ - audit_rules_usergroup_modification_opasswd
++ status: automated
++
++ - id: RHEL-09-654240
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/passwd.
++ rules:
++ - audit_rules_usergroup_modification_passwd
++ status: automated
++
++ - id: RHEL-09-654245
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /etc/shadow.
++ rules:
++ - audit_rules_usergroup_modification_shadow
++ status: automated
++
++ - id: RHEL-09-654250
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /var/log/faillock.
++ rules:
++ - audit_rules_login_events_faillock
++ status: automated
++
++ - id: RHEL-09-654255
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /var/log/lastlog.
++ rules:
++ - audit_rules_login_events_lastlog
++ status: automated
++
++ - id: RHEL-09-654260
++ levels:
++ - medium
++ title: RHEL 9 must generate audit records for all account creations, modifications, disabling,
++ and termination events that affect /var/log/tallylog.
++ rules:
++ - audit_rules_login_events_tallylog
++ status: automated
++
++ - id: RHEL-09-654265
++ levels:
++ - medium
++ title: RHEL 9 must take appropriate action when a critical audit processing failure occurs.
++ rules:
++ - audit_rules_system_shutdown
++ status: automated
++
++ - id: RHEL-09-654270
++ levels:
++ - medium
++ title: RHEL 9 audit system must protect logon UIDs from unauthorized change.
++ rules:
++ - audit_rules_immutable_login_uids
++ status: automated
++
++ - id: RHEL-09-654275
++ levels:
++ - medium
++ title: RHEL 9 audit system must protect auditing rules from unauthorized change.
++ rules:
++ - audit_rules_immutable
++ status: automated
++
++ - id: RHEL-09-671010
++ levels:
++ - high
++ title: RHEL 9 must enable FIPS mode.
++ rules:
++ - enable_fips_mode
++ - sysctl_crypto_fips_enabled
++ - var_system_crypto_policy=fips_stig
++ - enable_dracut_fips_module
++ status: automated
++
++ - id: RHEL-09-671015
++ levels:
++ - medium
++ title: RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords.
++ rules:
++ - accounts_password_all_shadowed_sha512
++ status: automated
++
++ - id: RHEL-09-671020
++ levels:
++ - medium
++ title: RHEL 9 IP tunnels must use FIPS 140-2/140-3 approved cryptographic algorithms.
++ rules:
++ - configure_libreswan_crypto_policy
++ status: automated
++
++ - id: RHEL-09-671025
++ levels:
++ - medium
++ title: RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3
++ approved cryptographic hashing algorithm for system authentication.
++ rules:
++ - set_password_hashing_algorithm_passwordauth
++ status: automated
++
++ - id: RHEL-09-672015
++ levels:
++ - high
++ title: RHEL 9 crypto policy files must match files shipped with the operating system.
++ status: pending
++
++ - id: RHEL-09-672020
++ levels:
++ - medium
++ title: RHEL 9 crypto policy must not be overridden.
++ notes: Rules for this control are intentionally not implemented. Checking whether files under /etc/crypto-policies/back-ends/
++ are symlinks is not an appropriate way to verify the consistency of the system's cryptographic settings.
++ The suggested fix mentioned in the STIG does not fully satisfy its own requirements, as it also symlinks the nss.config file.
++ Furthermore, running sudo 'update-crypto-policies --set FIPS' is not a reliable way to ensure FIPS compliance. Customers should
++ refer to the official Red Hat Documentation and use the 'fips=1' kernel option during system installation to ensure the system is
++ in FIPS mode.
++ More information can be found at https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/switching-rhel-to-fips-mode_security-hardening
++ status: pending
++
++ - id: RHEL-09-672025
++ levels:
++ - medium
++ title: RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive
++ orders, directives, policies, regulations, standards, and guidance for authentication to a
++ cryptographic module.
++ rules:
++ - configure_kerberos_crypto_policy
++ status: automated
++
++ - id: RHEL-09-672030
++ levels:
++ - high
++ title: RHEL 9 must implement DOD-approved TLS encryption in the GnuTLS package.
++ rules:
++ - configure_crypto_policy
++ status: automated
++
++ - id: RHEL-09-672050
++ levels:
++ - medium
++ title: RHEL 9 must implement DOD-approved encryption in the bind package.
++ rules:
++ - configure_bind_crypto_policy
++ status: automated
 diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg
 new file mode 100644
-index 000000000..af3334038
+index 000000000..0d07761b3
 --- /dev/null
 +++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg
 @@ -0,0 +1,144 @@
-+# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux 9
++# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux OS 9
 +# Version: 0.0.1
 +# Date: 2021-07-13
 +#
@@ -9503,11 +14429,11 @@ index 000000000..af3334038
 +reboot --eject
 diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg
 new file mode 100644
-index 000000000..5cebc6ceb
+index 000000000..d681f0c30
 --- /dev/null
 +++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg
 @@ -0,0 +1,148 @@
-+# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux 9
++# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux OS 9
 +# Version: 0.0.1
 +# Date: 2021-07-13
 +#
@@ -9657,11 +14583,11 @@ index 000000000..5cebc6ceb
 +reboot --eject
 diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg
 new file mode 100644
-index 000000000..71fbb5eb2
+index 000000000..8c70d06dc
 --- /dev/null
 +++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg
@@ -0,0 +1,144 @@
-+# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux 9
++# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux OS 9
 +# Version: 0.0.1
 +# Date: 2021-07-13
 +#
@@ -9807,11 +14733,11 @@ index 000000000..71fbb5eb2
 +reboot --eject
 diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg
 new file mode 100644
-index 000000000..131851bc1
+index 000000000..b6b49dc1a
 --- /dev/null
 +++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg
 @@ -0,0 +1,108 @@
-+# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux 9
++# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux OS 9
 +# Version: 0.0.1
 +# Date: 2021-07-13
 +#
@@ -9919,13 +14845,169 @@ index 000000000..131851bc1 +# Reboot after the installation is complete (optional) +# --eject attempt to eject CD or DVD media before rebooting +reboot --eject +diff --git a/products/almalinux9/kickstart/ssg-almalinux9-bsi-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-bsi-ks.cfg +new file mode 100644 +index 000000000..bcc3c9b78 +--- /dev/null ++++ b/products/almalinux9/kickstart/ssg-almalinux9-bsi-ks.cfg +@@ -0,0 +1,150 @@ ++# SCAP Security Guide BSI profile (SYS.1.1 and SYS.1.3) kickstart for AlmaLinux OS 9 ++# Version: 0.0.1 ++# Date: 2025-07-28 ++# ++# Based on: ++# https://pykickstart.readthedocs.io/en/latest/ ++# For more information see the following documentation: ++# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening#deploying-baseline-compliant-rhel-systems-using-kickstart_deploying-systems-that-are-compliant-with-a-security-profile-immediately-after-an-installation ++ ++# Specify installation method to use for installation ++# To use a different one comment out the 'url' one below, update ++# the selected choice with proper options & un-comment it ++# ++# Install from an installation tree on a remote server via FTP or HTTP: ++# --url the URL to install from ++# ++# Example: ++# ++# url --url=http://192.168.122.1/image ++# ++# Modify concrete URL in the above example appropriately to reflect the actual ++# environment machine is to be installed in ++# ++# Other possible / supported installation methods: ++# * install from the first CD-ROM/DVD drive on the system: ++# ++# cdrom ++# ++# * install from a directory of ISO images on a local drive: ++# ++# harddrive --partition=hdb2 --dir=/tmp/install-tree ++# ++# * install from provided NFS server: ++# ++# nfs --server= --dir= [--opts=] ++# ++ ++# Set language to use during installation and the default language to use on the installed system 
(required) ++lang en_US.UTF-8 ++ ++# Set system keyboard type / layout (required) ++keyboard --vckeymap us ++ ++# Configure network information for target system and activate network devices in the installer environment (optional) ++# --onboot enable device at a boot time ++# --device device to be activated and / or configured with the network command ++# --bootproto method to obtain networking configuration for device (default dhcp) ++network --onboot yes --device eth0 --bootproto dhcp ++ ++# Set the system's root password (required) ++# Plaintext password is: server ++# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create ++# encrypted password form for different plaintext password ++rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0 ++ ++# The selected profile will restrict root login ++# Add a user that can login and escalate privileges ++# Plaintext password is: admin123 ++user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted ++ ++# Configure firewall settings for the system (optional) ++# --enabled reject incoming connections that are not in response to outbound requests ++# --ssh allow sshd service through the firewall ++firewall --enabled --ssh ++ ++# State of SELinux on the installed system (optional) ++# Defaults to enforcing ++selinux --enforcing ++ ++# Set the system time zone (required) ++# since BSI is a local profile, we assume German Timezone ++timezone --utc Europe/Berlin ++ ++# Specify how the bootloader should be installed (required) ++# Plaintext password is: password ++# Refer to e.g. 
grub2-mkpasswd-pbkdf2 to see how to create ++# encrypted password form for different plaintext password ++bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted ++ ++# Initialize (format) all disks (optional) ++zerombr ++ ++# The following partition layout scheme assumes disk of size 20GB or larger ++# Modify size of partitions appropriately to reflect actual machine's hardware ++# ++# Remove Linux partitions from the system prior to creating new ones (optional) ++# --linux erase all Linux partitions ++# --initlabel initialize the disk label to the default based on the underlying architecture ++clearpart --linux --initlabel ++ ++# Create primary system partitions (required for installs) ++part /boot --fstype=xfs --size=512 ++part pv.01 --grow --size=1 ++ ++# Create a Logical Volume Management (LVM) group (optional) ++volgroup VolGroup pv.01 ++ ++# Create particular logical volumes (optional) ++logvol / --fstype=xfs --name=root --vgname=VolGroup --size=4272 ++# Ensure /usr Located On Separate Partition ++# partition_for_usr ++logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=5000 --fsoptions="nodev" ++# Ensure /opt Located On Separate Partition ++# partition_for_opt ++logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=1024 ++# Ensure /home Located On Separate Partition ++# partition_for_home ++logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev" ++# Ensure /tmp Located On Separate Partition ++# partition_for_tmp ++logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid" ++# Ensure /var/tmp Located On Separate Partition ++# partition_for_var_tmp ++logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup 
--size=1024 --fsoptions="nodev,nosuid,noexec" ++# Ensure /var Located On Separate Partition ++# partition_for_var ++logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 ++# Ensure /var/log Located On Separate Partition ++# partition_for_var_log ++logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 ++logvol swap --name=swap --vgname=VolGroup --size=2016 ++ ++ ++# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol) ++# content - security policies - on the installed system.This add-on has been enabled by default ++# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this ++# functionality will automatically be installed. However, by default, no policies are enforced, ++# meaning that no checks are performed during or after installation unless specifically configured. ++# ++# Important ++# Applying a security policy is not necessary on all systems. This screen should only be used ++# when a specific policy is mandated by your organization rules or government regulations. ++# Unlike most other commands, this add-on does not accept regular options, but uses key-value ++# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic. ++# Values can be optionally enclosed in single quotes (') or double quotes ("). ++# ++# For more details and configuration options see ++# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/performing_an_advanced_rhel_9_installation/index#addon-com_redhat_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program ++%addon com_redhat_oscap ++ content-type = scap-security-guide ++ profile = xccdf_org.ssgproject.content_profile_bsi ++%end ++ ++# Packages selection (%packages section is required) ++%packages ++%end ++ ++# Reboot after the installation is complete (optional) ++# --eject attempt to eject CD or DVD media before rebooting ++reboot --eject 
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg new file mode 100644 -index 000000000..15ede51cd +index 000000000..df4d86bc2 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg @@ -0,0 +1,137 @@ -+# SCAP Security Guide CCN profile (Advanced) kickstart for AlmaLinux 9 ++# SCAP Security Guide CCN profile (Advanced) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2023-07-18 +# @@ -10064,11 +15146,11 @@ index 000000000..15ede51cd +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg new file mode 100644 -index 000000000..c31fb47b8 +index 000000000..5ed7593cd --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg @@ -0,0 +1,137 @@ -+# SCAP Security Guide CCN profile (Basic) kickstart for AlmaLinux 9 ++# SCAP Security Guide CCN profile (Basic) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2023-07-18 +# @@ -10207,11 +15289,11 @@ index 000000000..c31fb47b8 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg new file mode 100644 -index 000000000..1badb172d +index 000000000..6cad9710c --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg @@ -0,0 +1,137 @@ -+# SCAP Security Guide CCN profile (Intermediate) kickstart for AlmaLinux 9 ++# SCAP Security Guide CCN profile (Intermediate) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2023-07-18 +# @@ -10350,11 +15432,11 @@ index 000000000..1badb172d +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg new file mode 100644 -index 000000000..877821d88 +index 000000000..49b6682d6 --- /dev/null 
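Review bot: The new ssg-almalinux9-bsi-ks.cfg installs a system whose credentials are published in the file itself (root `server`, wheel user admin `admin123`, GRUB `password`), and the only hint is the per-line `# Plaintext password is:` comment; because the file also opens sshd (`firewall --enabled --ssh`) and puts admin in `wheel`, a machine built from it unmodified is remotely reachable with known credentials and a trivial privilege path. I would add a top-of-file warning, `# WARNING: the rootpw, user and bootloader hashes below correspond to publicly known passwords; regenerate every one of them before using this kickstart`. The `%addon com_redhat_oscap` section selects `xccdf_org.ssgproject.content_profile_bsi`, but no `products/almalinux9/profiles/bsi.profile` is visible in this chunk; if that profile is not in the AlmaLinux 9 datastream the installer add-on will fail, so its existence should be confirmed. The layout also gives `/home` only `nodev` while `/tmp` and `/var/tmp` get `nodev,noexec,nosuid`; if the bsi profile selects a nosuid rule for `/home` (not verifiable from here), the install will be non-compliant on first scan, so the mount options are worth checking against the profile's selections.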
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg @@ -0,0 +1,141 @@ -+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 9 ++# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -10497,11 +15579,11 @@ index 000000000..877821d88 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg new file mode 100644 -index 000000000..17105cd14 +index 000000000..623bf6409 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg @@ -0,0 +1,141 @@ -+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 9 ++# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -10644,11 +15726,11 @@ index 000000000..17105cd14 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg new file mode 100644 -index 000000000..b8ed410c8 +index 000000000..eb1735ceb --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg @@ -0,0 +1,141 @@ -+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 9 ++# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -10791,11 +15873,11 @@ index 000000000..b8ed410c8 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg new file mode 100644 -index 000000000..4268d2026 +index 000000000..b6e9819da --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg 
@@ -0,0 +1,141 @@ -+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 9 ++# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-08-12 +# @@ -10938,11 +16020,11 @@ index 000000000..4268d2026 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg new file mode 100644 -index 000000000..a23ef892e +index 000000000..5c1ba4f72 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg @@ -0,0 +1,139 @@ -+# SCAP Security Guide CUI profile kickstart for AlmaLinux 9 ++# SCAP Security Guide CUI profile kickstart for AlmaLinux OS 9 +# +# Based on: +# https://pykickstart.readthedocs.io/en/latest/ @@ -11083,11 +16165,11 @@ index 000000000..a23ef892e +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg new file mode 100644 -index 000000000..87ebac5ea +index 000000000..8dc821eb7 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg @@ -0,0 +1,120 @@ -+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 9 ++# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-07-13 +# @@ -11209,11 +16291,11 @@ index 000000000..87ebac5ea +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg new file mode 100644 -index 000000000..b197c7233 +index 000000000..e2600c88d --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg @@ -0,0 +1,120 @@ -+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 9 ++# SCAP Security Guide HIPAA profile kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-07-13 +# @@ -11335,11 +16417,11 @@ index 000000000..b197c7233 +reboot --eject 
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg new file mode 100644 -index 000000000..508da4df3 +index 000000000..682e47331 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg @@ -0,0 +1,119 @@ -+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 9 ++# SCAP Security Guide ISM Official profile kickstart for AlmaLinux OS 9 +# Version: 0.0.1 +# Date: 2021-08-16 +# @@ -11460,11 +16542,11 @@ index 000000000..508da4df3 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg new file mode 100644 -index 000000000..d96ca6fbc +index 000000000..adc551303 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg @@ -0,0 +1,139 @@ -+# SCAP Security Guide OSPP profile kickstart for AlmaLinux 9 ++# SCAP Security Guide OSPP profile kickstart for AlmaLinux OS 9 +# +# Based on: +# https://pykickstart.readthedocs.io/en/latest/ @@ -11605,11 +16687,11 @@ index 000000000..d96ca6fbc +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg new file mode 100644 -index 000000000..562a184d6 +index 000000000..abfae9cf8 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg @@ -0,0 +1,134 @@ -+# SCAP Security Guide PCI-DSS profile kickstart for AlmaLinux 9 ++# SCAP Security Guide PCI-DSS profile kickstart for AlmaLinux OS 9 +# +# Based on: +# https://pykickstart.readthedocs.io/en/latest/ @@ -11745,11 +16827,11 @@ index 000000000..562a184d6 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg new file mode 100644 -index 000000000..c48252116 +index 000000000..f39e03108 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg 
@@ -0,0 +1,140 @@ -+# SCAP Security Guide STIG profile kickstart for AlmaLinux 9 ++# SCAP Security Guide STIG profile kickstart for AlmaLinux OS 9 +# +# Based on: +# https://pykickstart.readthedocs.io/en/latest/ @@ -11891,11 +16973,11 @@ index 000000000..c48252116 +reboot --eject diff --git a/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg new file mode 100644 -index 000000000..caf659d9a +index 000000000..5a2d56823 --- /dev/null +++ b/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg @@ -0,0 +1,144 @@ -+# SCAP Security Guide STIG with GUI profile kickstart for AlmaLinux 9 ++# SCAP Security Guide STIG with GUI profile kickstart for AlmaLinux OS 9 +# +# Based on: +# https://pykickstart.readthedocs.io/en/latest/ @@ -12041,13 +17123,13 @@ index 000000000..caf659d9a +reboot --eject diff --git a/products/almalinux9/overlays/srg_support.xml b/products/almalinux9/overlays/srg_support.xml new file mode 100644 -index 000000000..bdfb1cbd8 +index 000000000..ea7b5d445 --- /dev/null +++ b/products/almalinux9/overlays/srg_support.xml @@ -0,0 +1,173 @@ + diff --git a/products/almalinux9/product.yml b/products/almalinux9/product.yml -new file mode 100644 -index 000000000..e2c08883c ---- /dev/null +index 8249a6e62..5f90e0306 100644 +--- a/products/almalinux9/product.yml 
+++ b/products/almalinux9/product.yml -@@ -0,0 +1,56 @@ -+product: almalinux9 -+full_name: AlmaLinux 9 -+type: platform -+ +@@ -2,6 +2,10 @@ product: almalinux9 + full_name: AlmaLinux OS 9 + type: platform + +families: + - rhel + - rhel-like + -+major_version_ordinal: 9 -+ -+benchmark_id: ALMALINUX-9 -+benchmark_root: "../../linux_os/guide" -+components_root: "../../components" -+ -+profiles_root: "./profiles" -+ -+pkg_manager: "dnf" -+ -+init_system: "systemd" -+ + major_version_ordinal: 9 + + benchmark_id: ALMALINUX-9 +@@ -14,6 +18,26 @@ pkg_manager: "dnf" + + init_system: "systemd" + +# EFI and non-EFI configs are stored in same path, see https://fedoraproject.org/wiki/Changes/UnifyGrubConfig + +groups: @@ -12251,6 +17326,7 @@ index 000000000..e2c08883c + name: ssh_keys + +sshd_distributed_config: "true" ++bootable_containers_supported: "true" + +dconf_gdm_dir: "distro.d" + 
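Review bot: `bootable_containers_supported: "true"` is added to product.yml with no comment explaining what it switches on, while it is a build-behaviour flag rather than descriptive metadata (judging by its name it presumably gates bootc/image-mode specific applicability or remediation content, as on the RHEL 9 product it appears copied from). I would document it inline, e.g. `# AlmaLinux OS 9 provides bootc image-mode variants; enables the bootc-specific content paths shared with rhel9`, and confirm that statement actually holds for AlmaLinux before keeping the value at "true", since nothing in this patch shows it was verified rather than inherited. The enclosing product.yml mapping continues outside this hunk.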
@@ -12263,254 +17339,351 @@ index 000000000..e2c08883c +release_key_fingerprint: "BF18AC2876178908D6E71267D36CB86CB86B3716" +oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-9.xml.bz2" + -+cpes_root: "../../shared/applicability" -+cpes: -+ - almalinux9: -+ name: "cpe:/o:almalinux:almalinux:9" -+ title: "AlmaLinux 9" -+ check_id: installed_OS_is_almalinux9 -+ + cpes_root: "../../shared/applicability" + cpes: + - almalinux9: +@@ -21,12 +45,13 @@ cpes: + title: "AlmaLinux OS 9" + check_id: installed_OS_is_almalinux9 + +-# See https://almalinux.org/security/ +-release_key_fingerprint: "BF18AC2876178908D6E71267D36CB86CB86B3716" +-oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-9.xml.bz2" +- +-pkg_version: "b86b3716" +-pkg_release: "61e69f29" +# Mapping of CPE platform to package +platform_package_overrides: + login_defs: "shadow-utils" -+ -+reference_uris: -+ cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/' + + reference_uris: + cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/' + ccn: 'https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html' + + +journald_conf_dir_path: /etc/systemd/journald.conf.d diff --git a/products/almalinux9/profiles/anssi_bp28_enhanced.profile b/products/almalinux9/profiles/anssi_bp28_enhanced.profile -new file mode 100644 -index 000000000..f6af70d65 ---- /dev/null +index 4112a28ce..be8722e31 100644 +--- a/products/almalinux9/profiles/anssi_bp28_enhanced.profile 
+++ b/products/almalinux9/profiles/anssi_bp28_enhanced.profile -@@ -0,0 +1,63 @@ -+documentation_complete: true -+ -+metadata: -+ SMEs: +@@ -1,8 +1,10 @@ ++--- + documentation_complete: true + + metadata: + SMEs: +- - sej7278 + - marcusburghardt + - yuumasato -+ -+title: 'ANSSI-BP-028 (enhanced)' -+ -+description: |- -+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the enhanced hardening level. -+ -+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information. -+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems. -+ -+ A copy of the ANSSI-BP-028 can be found at the ANSSI website: -+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ -+ -+ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: -+ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system -+ -+selections: -+ - anssi:all:enhanced -+ - var_password_hashing_algorithm=SHA512 -+ - var_password_pam_unix_rounds=65536 + + title: 'ANSSI-BP-028 (enhanced)' + +@@ -22,6 +24,8 @@ selections: + - anssi:all:enhanced + - var_password_hashing_algorithm=SHA512 + - var_password_pam_unix_rounds=65536 ++ - var_mount_option_proc_hidepid=invisible + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!partition_for_opt' -+ - '!accounts_passwords_pam_tally2_deny_root' -+ - '!install_PAE_kernel_on_x86-32' -+ - '!partition_for_boot' -+ - '!sudo_add_ignore_dot' -+ - '!audit_rules_privileged_commands_rmmod' -+ - '!audit_rules_privileged_commands_modprobe' -+ - '!package_dracut-fips-aesni_installed' -+ - '!cracklib_accounts_password_pam_lcredit' -+ - '!partition_for_usr' -+ - '!cracklib_accounts_password_pam_ocredit' -+ - '!enable_pam_namespace' -+ - '!audit_rules_privileged_commands_insmod' -+ - '!service_chronyd_or_ntpd_enabled' -+ - '!chronyd_configure_pool_and_server' -+ - 
'!accounts_passwords_pam_tally2' -+ - '!cracklib_accounts_password_pam_ucredit' -+ - '!accounts_passwords_pam_tally2_unlock_time' -+ - '!sudo_add_umask' -+ - '!sudo_add_env_reset' -+ - '!cracklib_accounts_password_pam_minlen' -+ - '!cracklib_accounts_password_pam_dcredit' -+ - '!ensure_oracle_gpgkey_installed' -+ - '!package_kea_removed' -+ # RHEL9 unified the paths for grub2 files. These rules are selected in control file by R29. + - '!partition_for_opt' + - '!accounts_passwords_pam_tally2_deny_root' + - '!install_PAE_kernel_on_x86-32' +@@ -45,25 +49,35 @@ selections: + - '!cracklib_accounts_password_pam_minlen' + - '!cracklib_accounts_password_pam_dcredit' + - '!ensure_oracle_gpgkey_installed' +- - '!ensure_redhat_gpgkey_installed' ++ - ensure_almalinux_gpgkey_installed + - '!package_kea_removed' ++ - '!audit_rules_file_deletion_events_renameat2' ++ - '!audit_rules_dac_modification_fchmodat2' ++ - '!ldap_client_tls_cacertpath' ++ # RHEL9 unified the paths for grub2 files. These rules are selected in control file by R5 and R29. 
+ - '!file_groupowner_efi_grub2_cfg' + - '!file_owner_efi_grub2_cfg' + - '!file_permissions_efi_grub2_cfg' + - '!file_groupowner_efi_user_cfg' + - '!file_owner_efi_user_cfg' + - '!file_permissions_efi_user_cfg' +- - '!audit_rules_file_deletion_events_renameat2' +- - '!audit_rules_dac_modification_fchmodat2' +- - '!audit_rules_mac_modification_etc_selinux' +- - '!no_nis_in_nsswitch' +- - '!service_chronyd_enabled' +- - '!ldap_client_start_tls' +- - '!ldap_client_tls_cacertpath' +- ++ - '!grub2_uefi_password' + # disable R45: Enable AppArmor security profiles + - '!apparmor_configured' + - '!all_apparmor_profiles_enforced' + - '!grub2_enable_apparmor' + - '!package_apparmor_installed' + - '!package_pam_apparmor_installed' ++ - '!package_rsh-server_removed' ++ - '!package_rsh_removed' ++ - '!package_xinetd_removed' ++ - '!package_ypbind_removed' ++ - '!package_ypserv_removed' ++ ++ # Following rules are not applicable to RHEL ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' ++ - '!audit_rules_mac_modification_etc_selinux' ++ - '!no_nis_in_nsswitch' ++ - '!service_chronyd_enabled' ++ - '!ldap_client_start_tls' +diff --git a/products/almalinux9/profiles/anssi_bp28_high.profile b/products/almalinux9/profiles/anssi_bp28_high.profile +index 1ae101f1b..c677e5a0f 100644 +--- a/products/almalinux9/profiles/anssi_bp28_high.profile ++++ b/products/almalinux9/profiles/anssi_bp28_high.profile +@@ -1,8 +1,10 @@ ++--- + documentation_complete: true + + metadata: + SMEs: +- - sej7278 ++ - marcusburghardt ++ - yuumasato + + title: 'ANSSI-BP-028 (high)' + +@@ -22,8 +24,10 @@ selections: + - anssi:all:high + - var_password_hashing_algorithm=SHA512 + - var_password_pam_unix_rounds=65536 ++ - var_mount_option_proc_hidepid=invisible + # the following rule renders UEFI systems unbootable + - '!sebool_secure_mode_insmod' ++ # Following rules once had a prodtype incompatible with the rhel9 product + - '!partition_for_opt' + - '!accounts_passwords_pam_tally2_deny_root' + - 
'!install_PAE_kernel_on_x86-32' +@@ -48,18 +52,36 @@ selections: + - '!cracklib_accounts_password_pam_minlen' + - '!cracklib_accounts_password_pam_dcredit' + - '!ensure_oracle_gpgkey_installed' +- - '!ensure_redhat_gpgkey_installed' ++ - ensure_almalinux_gpgkey_installed + - '!package_kea_removed' + - '!audit_rules_file_deletion_events_renameat2' + - '!audit_rules_dac_modification_fchmodat2' +- - '!ldap_client_tls_cacertpath' +- - '!ldap_client_start_tls' +- - '!service_chronyd_enabled' + # disable R45: Enable AppArmor security profiles + - '!apparmor_configured' + - '!all_apparmor_profiles_enforced' + - '!grub2_enable_apparmor' + - '!package_apparmor_installed' + - '!package_pam_apparmor_installed' ++ - '!package_rsh-server_removed' ++ - '!package_rsh_removed' ++ - '!package_xinetd_removed' ++ - '!package_ypbind_removed' ++ - '!package_ypserv_removed' ++ ++ # RHEL9 unified the paths for grub2 files. These rules are selected in control file by R5 and R29. + - '!file_groupowner_efi_grub2_cfg' + - '!file_owner_efi_grub2_cfg' + - '!file_permissions_efi_grub2_cfg' + - '!file_groupowner_efi_user_cfg' + - '!file_owner_efi_user_cfg' + - '!file_permissions_efi_user_cfg' -+ # disable R45: Enable AppArmor security profiles -+ - '!apparmor_configured' -+ - '!all_apparmor_profiles_enforced' -+ - '!grub2_enable_apparmor' -+ - '!package_apparmor_installed' -+ - '!package_pam_apparmor_installed' -diff --git a/products/almalinux9/profiles/anssi_bp28_high.profile b/products/almalinux9/profiles/anssi_bp28_high.profile -new file mode 100644 -index 000000000..fd425188d ---- /dev/null -+++ b/products/almalinux9/profiles/anssi_bp28_high.profile -@@ -0,0 +1,59 @@ -+documentation_complete: true ++ - '!grub2_uefi_password' + -+metadata: -+ SMEs: ++ # Following rules are not applicable to RHEL ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' + - '!audit_rules_mac_modification_etc_selinux' + - '!no_nis_in_nsswitch' ++ - '!service_chronyd_enabled' ++ - '!ldap_client_start_tls' 
++ - '!ldap_client_tls_cacertpath' +diff --git a/products/almalinux9/profiles/anssi_bp28_intermediary.profile b/products/almalinux9/profiles/anssi_bp28_intermediary.profile +index d54771bfc..43a21afba 100644 +--- a/products/almalinux9/profiles/anssi_bp28_intermediary.profile ++++ b/products/almalinux9/profiles/anssi_bp28_intermediary.profile +@@ -1,8 +1,10 @@ ++--- + documentation_complete: true + + metadata: + SMEs: +- - sej7278 + - marcusburghardt + - yuumasato -+ -+title: 'ANSSI-BP-028 (high)' -+ -+description: |- -+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the high hardening level. -+ -+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information. -+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems. -+ -+ A copy of the ANSSI-BP-028 can be found at the ANSSI website: -+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ -+ -+ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: -+ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system -+ -+selections: -+ - anssi:all:high + + title: 'ANSSI-BP-028 (intermediary)' + +@@ -19,27 +21,42 @@ description: |- + https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system + + selections: +- - anssi:all:intermediary +- - var_password_hashing_algorithm=SHA512 +- - var_password_pam_unix_rounds=65536 +- - '!partition_for_opt' +- - '!cracklib_accounts_password_pam_minlen' +- - '!accounts_passwords_pam_tally2_deny_root' +- - '!accounts_passwords_pam_tally2' +- - '!cracklib_accounts_password_pam_ucredit' +- - '!cracklib_accounts_password_pam_dcredit' +- - '!cracklib_accounts_password_pam_lcredit' +- - '!partition_for_usr' +- - '!partition_for_boot' +- - '!cracklib_accounts_password_pam_ocredit' +- - '!enable_pam_namespace' +- - '!accounts_passwords_pam_tally2_unlock_time' +- - 
'!sudo_add_umask' +- - '!sudo_add_ignore_dot' +- - '!sudo_add_env_reset' +- - '!ensure_oracle_gpgkey_installed' +- - '!ensure_redhat_gpgkey_installed' +- - '!package_kea_removed' +- - '!ldap_client_tls_cacertpath' +- - '!ldap_client_start_tls' +- - '!no_nis_in_nsswitch' ++ - anssi:all:intermediary + - var_password_hashing_algorithm=SHA512 + - var_password_pam_unix_rounds=65536 -+ # the following rule renders UEFI systems unbootable -+ - '!sebool_secure_mode_insmod' ++ - var_mount_option_proc_hidepid=invisible + # Following rules once had a prodtype incompatible with the rhel9 product + - '!partition_for_opt' ++ - '!cracklib_accounts_password_pam_minlen' + - '!accounts_passwords_pam_tally2_deny_root' -+ - '!install_PAE_kernel_on_x86-32' -+ - '!partition_for_boot' -+ - '!aide_periodic_checking_systemd_timer' -+ - '!sudo_add_ignore_dot' -+ - '!audit_rules_privileged_commands_rmmod' -+ - '!audit_rules_privileged_commands_modprobe' -+ - '!package_dracut-fips-aesni_installed' -+ - '!cracklib_accounts_password_pam_lcredit' -+ - '!partition_for_usr' -+ - '!cracklib_accounts_password_pam_ocredit' -+ - '!enable_pam_namespace' -+ - '!audit_rules_privileged_commands_insmod' -+ - '!service_chronyd_or_ntpd_enabled' -+ - '!chronyd_configure_pool_and_server' + - '!accounts_passwords_pam_tally2' + - '!cracklib_accounts_password_pam_ucredit' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!partition_for_usr' ++ - '!partition_for_boot' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!enable_pam_namespace' + - '!accounts_passwords_pam_tally2_unlock_time' + - '!sudo_add_umask' ++ - '!sudo_add_ignore_dot' + - '!sudo_add_env_reset' -+ - '!cracklib_accounts_password_pam_minlen' -+ - '!cracklib_accounts_password_pam_dcredit' + - '!ensure_oracle_gpgkey_installed' ++ - ensure_almalinux_gpgkey_installed + - '!package_kea_removed' -+ # disable R45: Enable AppArmor security profiles -+ - '!apparmor_configured' -+ - 
'!all_apparmor_profiles_enforced' -+ - '!grub2_enable_apparmor' -+ - '!package_apparmor_installed' -+ - '!package_pam_apparmor_installed' -diff --git a/products/almalinux9/profiles/anssi_bp28_intermediary.profile b/products/almalinux9/profiles/anssi_bp28_intermediary.profile -new file mode 100644 -index 000000000..0f250fda3 ---- /dev/null -+++ b/products/almalinux9/profiles/anssi_bp28_intermediary.profile -@@ -0,0 +1,43 @@ -+documentation_complete: true ++ - '!package_rsh-server_removed' ++ - '!package_rsh_removed' ++ - '!package_xinetd_removed' ++ - '!package_ypbind_removed' ++ - '!package_ypserv_removed' + -+metadata: -+ SMEs: -+ - marcusburghardt -+ - yuumasato ++ # RHEL9 unified the paths for grub2 files. These rules are selected in control file by R5. ++ - '!grub2_uefi_password' + -+title: 'ANSSI-BP-028 (intermediary)' -+ -+description: |- -+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the intermediary hardening level. -+ -+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information. -+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems. 
-+ -+ A copy of the ANSSI-BP-028 can be found at the ANSSI website: -+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ -+ -+ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: -+ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system -+ -+selections: -+ - anssi:all:intermediary -+ - var_password_hashing_algorithm=SHA512 -+ - var_password_pam_unix_rounds=65536 -+ # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!partition_for_opt' -+ - '!cracklib_accounts_password_pam_minlen' -+ - '!accounts_passwords_pam_tally2_deny_root' -+ - '!accounts_passwords_pam_tally2' -+ - '!cracklib_accounts_password_pam_ucredit' -+ - '!cracklib_accounts_password_pam_dcredit' -+ - '!cracklib_accounts_password_pam_lcredit' -+ - '!partition_for_usr' -+ - '!partition_for_boot' -+ - '!cracklib_accounts_password_pam_ocredit' -+ - '!enable_pam_namespace' -+ - '!accounts_passwords_pam_tally2_unlock_time' -+ - '!sudo_add_umask' -+ - '!sudo_add_ignore_dot' -+ - '!sudo_add_env_reset' -+ - '!ensure_oracle_gpgkey_installed' -+ - '!package_kea_removed' ++ # Following rules are not applicable to RHEL ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' ++ - '!audit_rules_mac_modification_etc_selinux' ++ - '!no_nis_in_nsswitch' ++ - '!ldap_client_start_tls' ++ - '!ldap_client_tls_cacertpath' diff --git a/products/almalinux9/profiles/anssi_bp28_minimal.profile b/products/almalinux9/profiles/anssi_bp28_minimal.profile -new file mode 100644 -index 000000000..da8084569 ---- /dev/null +index e9bb292de..6a72f0087 100644 +--- a/products/almalinux9/profiles/anssi_bp28_minimal.profile 
+++ b/products/almalinux9/profiles/anssi_bp28_minimal.profile -@@ -0,0 +1,36 @@ +@@ -1,8 +1,10 @@ ++--- + documentation_complete: true + + metadata: + SMEs: +- - sej7278 ++ - marcusburghardt ++ - yuumasato + + title: 'ANSSI-BP-028 (minimal)' + +@@ -19,17 +21,29 @@ description: |- + https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system + + selections: +- - anssi:all:minimal +- - var_password_hashing_algorithm=SHA512 +- - var_password_pam_unix_rounds=65536 +- - '!cracklib_accounts_password_pam_minlen' +- - '!accounts_passwords_pam_tally2_deny_root' +- - '!accounts_passwords_pam_tally2' +- - '!cracklib_accounts_password_pam_ucredit' +- - '!cracklib_accounts_password_pam_dcredit' +- - '!cracklib_accounts_password_pam_lcredit' +- - '!cracklib_accounts_password_pam_ocredit' +- - '!accounts_passwords_pam_tally2_unlock_time' +- - '!ensure_oracle_gpgkey_installed' +- - '!ensure_redhat_gpgkey_installed' +- - '!package_kea_removed' ++ - anssi:all:minimal ++ - var_password_hashing_algorithm=SHA512 ++ - var_password_pam_unix_rounds=65536 ++ - var_mount_option_proc_hidepid=invisible ++ # Following rules once had a prodtype incompatible with the rhel9 product ++ - '!cracklib_accounts_password_pam_minlen' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!accounts_passwords_pam_tally2' ++ - '!cracklib_accounts_password_pam_ucredit' ++ - '!cracklib_accounts_password_pam_dcredit' ++ - '!cracklib_accounts_password_pam_lcredit' ++ - '!cracklib_accounts_password_pam_ocredit' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!ensure_oracle_gpgkey_installed' ++ - ensure_almalinux_gpgkey_installed ++ - '!package_kea_removed' ++ - '!package_rsh-server_removed' ++ - '!package_rsh_removed' ++ - '!package_xinetd_removed' ++ - '!package_ypbind_removed' ++ - '!package_ypserv_removed' ++ ++ # Following rules are not applicable to RHEL ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' ++ - '!audit_rules_mac_modification_etc_selinux' +diff --git 
a/products/almalinux9/profiles/bsi.profile b/products/almalinux9/profiles/bsi.profile +new file mode 100644 +index 000000000..f2f530ff8 +--- /dev/null ++++ b/products/almalinux9/profiles/bsi.profile +@@ -0,0 +1,28 @@ +documentation_complete: true + ++title: 'BSI SYS.1.1 and SYS.1.3' ++ ++reference: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Grundschutz/International/bsi_it_gs_comp_2022.pdf ++ +metadata: + SMEs: -+ - marcusburghardt -+ - yuumasato -+ -+title: 'ANSSI-BP-028 (minimal)' ++ - sluetze ++ version: 2022 + +description: |- -+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the minimal hardening level. ++ This profile defines a baseline that aligns to the BSI (Federal Office for Security Information) IT-Grundschutz ++ Basic-Protection. + -+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information. -+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems. ++ This baseline implements OS-Level configuration requirements from the following ++ sources: + -+ A copy of the ANSSI-BP-028 can be found at the ANSSI website: -+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/ -+ -+ An English version of the ANSSI-BP-028 can also be found at the ANSSI website: -+ https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system ++ - Building-Block SYS.1.1 General Server ++ - Building-Block SYS.1.3 Linux Server + +selections: -+ - anssi:all:minimal -+ - var_password_hashing_algorithm=SHA512 -+ - var_password_pam_unix_rounds=65536 -+ # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!cracklib_accounts_password_pam_minlen' -+ - '!accounts_passwords_pam_tally2_deny_root' -+ - '!accounts_passwords_pam_tally2' -+ - '!cracklib_accounts_password_pam_ucredit' -+ - '!cracklib_accounts_password_pam_dcredit' -+ - '!cracklib_accounts_password_pam_lcredit' -+ - 
'!cracklib_accounts_password_pam_ocredit' -+ - '!accounts_passwords_pam_tally2_unlock_time' -+ - '!ensure_oracle_gpgkey_installed' -+ - '!package_kea_removed' ++ - bsi_sys_1_1_rhel9:all ++ - bsi_sys_1_3_rhel9:all ++ ++ # BSI APP.4.4.A4 ++ - var_selinux_policy_name=targeted ++ - var_selinux_state=enforcing diff --git a/products/almalinux9/profiles/ccn_advanced.profile b/products/almalinux9/profiles/ccn_advanced.profile new file mode 100644 -index 000000000..0563e5c0c +index 000000000..a15d96660 --- /dev/null +++ b/products/almalinux9/profiles/ccn_advanced.profile -@@ -0,0 +1,19 @@ +@@ -0,0 +1,20 @@ ++--- +documentation_complete: true + +metadata: @@ -12532,10 +17705,11 @@ index 000000000..0563e5c0c + - ccn_rhel9:all:advanced diff --git a/products/almalinux9/profiles/ccn_basic.profile b/products/almalinux9/profiles/ccn_basic.profile new file mode 100644 -index 000000000..0ebc2912c +index 000000000..2a6602fbe --- /dev/null +++ b/products/almalinux9/profiles/ccn_basic.profile -@@ -0,0 +1,19 @@ +@@ -0,0 +1,20 @@ ++--- +documentation_complete: true + +metadata: @@ -12557,10 +17731,11 @@ index 000000000..0ebc2912c + - ccn_rhel9:all:basic diff --git a/products/almalinux9/profiles/ccn_intermediate.profile b/products/almalinux9/profiles/ccn_intermediate.profile new file mode 100644 -index 000000000..f5b86b0a3 +index 000000000..076edd5c7 --- /dev/null +++ b/products/almalinux9/profiles/ccn_intermediate.profile -@@ -0,0 +1,19 @@ +@@ -0,0 +1,20 @@ ++--- +documentation_complete: true + +metadata: @@ -12581,143 +17756,160 @@ index 000000000..f5b86b0a3 +selections: + - ccn_rhel9:all:intermediate diff --git a/products/almalinux9/profiles/cis.profile b/products/almalinux9/profiles/cis.profile -new file mode 100644 -index 000000000..13d03938c ---- /dev/null +index f0e6cc24f..9bd16a85a 100644 +--- a/products/almalinux9/profiles/cis.profile 
+++ b/products/almalinux9/profiles/cis.profile -@@ -0,0 +1,27 @@ -+documentation_complete: true -+ -+metadata: -+ version: 2.0.0 -+ SMEs: +@@ -1,9 +1,12 @@ ++--- + documentation_complete: true + + metadata: + version: 2.0.0 + SMEs: +- - sej7278 + - marcusburghardt + - mab879 + - vojtapolasek -+ -+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ -+ -+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Server' -+ -+description: |- -+ This profile defines a baseline that aligns to the "Level 2 - Server" + + reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +@@ -11,14 +14,15 @@ title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Server' + + description: |- + This profile defines a baseline that aligns to the "Level 2 - Server" +- configuration from the Center for Internet Security® AlmaLinux OS 9 +- Benchmark™, v2.0.0, released 2024-06-20. + configuration from the Center for Internet Security® + AlmaLinux OS 9 Benchmark™, v2.0.0, released 2024-06-24. -+ -+ This profile includes Center for Internet Security® -+ AlmaLinux OS 9 CIS Benchmarks™ content. -+ -+selections: + + This profile includes Center for Internet Security® + AlmaLinux OS 9 CIS Benchmarks™ content. + + selections: +- - cis_almalinux9:all:l2_server + - cis_rhel9:all:l2_server + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!file_ownership_home_directories' -+ - '!group_unique_name' -+ - '!file_owner_at_allow' + - '!file_ownership_home_directories' + - '!group_unique_name' + - '!file_owner_at_allow' diff --git a/products/almalinux9/profiles/cis_server_l1.profile b/products/almalinux9/profiles/cis_server_l1.profile -new file mode 100644 -index 000000000..124d81d29 ---- /dev/null +index 4f49074be..be7d1e33c 100644 +--- a/products/almalinux9/profiles/cis_server_l1.profile 
+++ b/products/almalinux9/profiles/cis_server_l1.profile -@@ -0,0 +1,27 @@ -+documentation_complete: true -+ -+metadata: -+ version: 2.0.0 -+ SMEs: +@@ -1,9 +1,12 @@ ++--- + documentation_complete: true + + metadata: + version: 2.0.0 + SMEs: +- - sej7278 + - marcusburghardt + - mab879 + - vojtapolasek -+ -+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ -+ -+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Server' -+ -+description: |- -+ This profile defines a baseline that aligns to the "Level 1 - Server" + + reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +@@ -11,14 +14,15 @@ title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Server' + + description: |- + This profile defines a baseline that aligns to the "Level 1 - Server" +- configuration from the Center for Internet Security® AlmaLinux OS 9 +- Benchmark™, v2.0.0, released 2024-06-20. + configuration from the Center for Internet Security® + AlmaLinux OS 9 Benchmark™, v2.0.0, released 2024-06-24. -+ -+ This profile includes Center for Internet Security® -+ AlmaLinux OS 9 CIS Benchmarks™ content. -+ -+selections: + + This profile includes Center for Internet Security® + AlmaLinux OS 9 CIS Benchmarks™ content. + + selections: +- - cis_almalinux9:all:l1_server + - cis_rhel9:all:l1_server + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!file_ownership_home_directories' -+ - '!group_unique_name' -+ - '!file_owner_at_allow' + - '!file_ownership_home_directories' + - '!group_unique_name' + - '!file_owner_at_allow' diff --git a/products/almalinux9/profiles/cis_workstation_l1.profile b/products/almalinux9/profiles/cis_workstation_l1.profile -new file mode 100644 -index 000000000..b0c769b82 ---- /dev/null +index 60caa95de..a6f562159 100644 +--- a/products/almalinux9/profiles/cis_workstation_l1.profile 
+++ b/products/almalinux9/profiles/cis_workstation_l1.profile -@@ -0,0 +1,27 @@ -+documentation_complete: true -+ -+metadata: -+ version: 2.0.0 -+ SMEs: +@@ -1,9 +1,12 @@ ++--- + documentation_complete: true + + metadata: + version: 2.0.0 + SMEs: +- - sej7278 + - marcusburghardt + - mab879 + - vojtapolasek -+ -+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ -+ -+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Workstation' -+ -+description: |- -+ This profile defines a baseline that aligns to the "Level 1 - Workstation" + + reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +@@ -11,14 +14,15 @@ title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Workstation' + + description: |- + This profile defines a baseline that aligns to the "Level 1 - Workstation" +- configuration from the Center for Internet Security® AlmaLinux OS 9 +- Benchmark™, v2.0.0, released 2024-06-20. + configuration from the Center for Internet Security® + AlmaLinux OS 9 Benchmark™, v2.0.0, released 2024-06-24. -+ -+ This profile includes Center for Internet Security® -+ AlmaLinux OS 9 CIS Benchmarks™ content. -+ -+selections: + + This profile includes Center for Internet Security® + AlmaLinux OS 9 CIS Benchmarks™ content. + + selections: +- - cis_almalinux9:all:l1_workstation + - cis_rhel9:all:l1_workstation + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!file_ownership_home_directories' -+ - '!group_unique_name' -+ - '!file_owner_at_allow' + - '!file_ownership_home_directories' + - '!group_unique_name' + - '!file_owner_at_allow' diff --git a/products/almalinux9/profiles/cis_workstation_l2.profile b/products/almalinux9/profiles/cis_workstation_l2.profile -new file mode 100644 -index 000000000..7115c9656 ---- /dev/null +index cf3039764..733473fb4 100644 +--- a/products/almalinux9/profiles/cis_workstation_l2.profile 
+++ b/products/almalinux9/profiles/cis_workstation_l2.profile -@@ -0,0 +1,27 @@ -+documentation_complete: true -+ -+metadata: -+ version: 2.0.0 -+ SMEs: +@@ -1,9 +1,12 @@ ++--- + documentation_complete: true + + metadata: + version: 2.0.0 + SMEs: +- - sej7278 + - marcusburghardt + - mab879 + - vojtapolasek -+ -+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ -+ -+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Workstation' -+ -+description: |- -+ This profile defines a baseline that aligns to the "Level 2 - Workstation" + + reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/ + +@@ -11,14 +14,15 @@ title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Workstation' + + description: |- + This profile defines a baseline that aligns to the "Level 2 - Workstation" +- configuration from the Center for Internet Security® AlmaLinux OS 9 +- Linux 9 Benchmark™, v2.0.0, released 2024-06-20. + configuration from the Center for Internet Security® + AlmaLinux OS 9 Benchmark™, v2.0.0, released 2024-06-24. -+ -+ This profile includes Center for Internet Security® -+ AlmaLinux OS 9 CIS Benchmarks™ content. -+ -+selections: + + This profile includes Center for Internet Security® + AlmaLinux OS 9 CIS Benchmarks™ content. + + selections: +- - cis_almalinux9:all:l2_workstation + - cis_rhel9:all:l2_workstation + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!file_ownership_home_directories' -+ - '!group_unique_name' -+ - '!file_owner_at_allow' + - '!file_ownership_home_directories' + - '!group_unique_name' + - '!file_owner_at_allow' diff --git a/products/almalinux9/profiles/cui.profile b/products/almalinux9/profiles/cui.profile new file mode 100644 -index 000000000..686ee2c43 +index 000000000..12ea003df --- /dev/null +++ b/products/almalinux9/profiles/cui.profile -@@ -0,0 +1,33 @@ +@@ -0,0 +1,34 @@ ++--- +documentation_complete: true + +metadata: 
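Review bot: The four CIS profiles in this hunk (cis, cis_server_l1, cis_workstation_l1, cis_workstation_l2) now select `cis_rhel9:all:...` in place of `cis_almalinux9:all:...`, while their titles and descriptions still claim alignment with the CIS AlmaLinux OS 9 Benchmark v2.0.0. If the rhel9 control file is standing in because the two benchmarks are believed to be identical, that assumption is recorded nowhere in the profile and will drift silently if either benchmark is revised; a comment above the selection such as `# cis_rhel9 controls stand in for the AlmaLinux benchmark; re-check on each benchmark update` would make the dependency visible. The description's release date also changes from 2024-06-20 to 2024-06-24 with no version change, which is worth confirming against the published benchmark. The cui.profile section at the end of the hunk continues outside it.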
@@ -12742,7 +17934,7 @@ index 000000000..686ee2c43 + supplement the basic security requirements, are taken from the security controls + in NIST Special Publication 800-53. + -+ This profile configures AlmaLinux 9 to the NIST Special ++ This profile configures AlmaLinux OS 9 to the NIST Special + Publication 800-53 controls identified for securing Controlled Unclassified + Information (CUI)." + @@ -12753,15 +17945,16 @@ index 000000000..686ee2c43 + - var_system_crypto_policy=fips diff --git a/products/almalinux9/profiles/default.profile b/products/almalinux9/profiles/default.profile new file mode 100644 -index 000000000..901e337ab +index 000000000..1408f22ed --- /dev/null +++ b/products/almalinux9/profiles/default.profile -@@ -0,0 +1,573 @@ +@@ -0,0 +1,587 @@ ++--- +documentation_complete: true + +hidden: true + -+title: Default Profile for AlmaLinux 9 ++title: Default Profile for AlmaLinux OS 9 + +description: |- + This profile contains all the rules that once belonged to the @@ -12793,6 +17986,7 @@ index 000000000..901e337ab + - sebool_puppetagent_manage_all_files + - sshd_use_strong_rng + - grub2_uefi_admin_username ++ - grub2_uefi_password + - sebool_staff_use_svirt + - audit_rules_successful_file_modification_lsetxattr + - sebool_daemons_enable_cluster_mode @@ -13330,12 +18524,25 @@ index 000000000..901e337ab + - set_password_hashing_min_rounds_logindefs + - sshd_use_priv_separation + - tftpd_uses_secure_mode ++ - file_permissions_etc_audit_rulesd ++ - configure_openssl_tls_crypto_policy ++ - configure_openssl_crypto_policy ++ - audit_rules_login_events ++ - audit_rules_usergroup_modification ++ - audit_rules_unsuccessful_file_modification ++ - audit_rules_session_events ++ - kerberos_disable_no_keytab ++ - package_ypserv_removed ++ - package_quagga_removed ++ - package_rsh-server_removed ++ - sshd_use_strong_macs 
diff --git a/products/almalinux9/profiles/e8.profile b/products/almalinux9/profiles/e8.profile new file mode 100644 -index 000000000..b8e703fcc +index 000000000..6dc6d1975 --- /dev/null +++ b/products/almalinux9/profiles/e8.profile -@@ -0,0 +1,150 @@ +@@ -0,0 +1,32 @@ ++--- +documentation_complete: true + +metadata: 
@@ -13343,321 +18550,265 @@ index 000000000..b8e703fcc + - shaneboulden + - tjbutt58 + -+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers ++reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers + +title: 'Australian Cyber Security Centre (ACSC) Essential Eight' + +description: |- -+ This profile contains configuration checks for AlmaLinux 9 -+ that align to the Australian Cyber Security Centre (ACSC) Essential Eight. ++ This profile contains configuration checks for AlmaLinux OS 9 ++ that align to the Australian Cyber Security Centre (ACSC) Essential Eight. + -+ A copy of the Essential Eight in Linux Environments guide can be found at the -+ ACSC website: ++ A copy of the Essential Eight in Linux Environments guide can be found at the ++ ACSC website: + -+ https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers ++ https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers + +selections: ++ - e8:all ++ - '!package_ypbind_removed' ++ - '!package_rsh-server_removed' ++ - '!package_rsh_removed' ++ - package_rear_installed ++ - package_audit_installed + -+ ### Remove obsolete packages -+ - package_talk_removed -+ - package_talk-server_removed -+ - package_ypbind_removed -+ - package_telnet_removed -+ - service_telnet_disabled -+ - package_telnet-server_removed -+ - package_rsh_removed -+ - package_rsh-server_removed -+ - package_quagga_removed -+ - service_avahi-daemon_disabled -+ - package_squid_removed -+ - service_squid_disabled -+ -+ ### Software update -+ - ensure_almalinux_gpgkey_installed -+ - ensure_gpgcheck_never_disabled -+ - ensure_gpgcheck_local_packages -+ - ensure_gpgcheck_globally_activated -+ - security_patches_up_to_date -+ - dnf-automatic_security_updates_only -+ -+ ### System security settings -+ - sysctl_kernel_randomize_va_space -+ - 
sysctl_kernel_exec_shield -+ - sysctl_kernel_kptr_restrict -+ - sysctl_kernel_dmesg_restrict -+ - sysctl_kernel_kexec_load_disabled -+ - sysctl_kernel_yama_ptrace_scope -+ - sysctl_kernel_unprivileged_bpf_disabled -+ - sysctl_net_core_bpf_jit_harden -+ -+ ### SELinux -+ - var_selinux_state=enforcing -+ - selinux_state -+ - var_selinux_policy_name=targeted -+ - selinux_policytype -+ -+ ### Filesystem integrity -+ - rpm_verify_hashes -+ - rpm_verify_permissions -+ - rpm_verify_ownership -+ - file_permissions_unauthorized_sgid -+ - file_permissions_unauthorized_suid -+ - file_permissions_unauthorized_world_writable -+ - dir_perms_world_writable_sticky_bits -+ - file_permissions_library_dirs -+ - file_ownership_binary_dirs -+ - file_permissions_binary_dirs -+ - file_ownership_library_dirs -+ -+ ### Passwords -+ - var_authselect_profile=sssd -+ - enable_authselect -+ - no_empty_passwords -+ -+ ### Partitioning -+ - mount_option_dev_shm_nodev -+ - mount_option_dev_shm_nosuid -+ - mount_option_dev_shm_noexec -+ -+ ### Network -+ - package_firewalld_installed -+ - service_firewalld_enabled -+ - network_sniffer_disabled -+ -+ ### Admin privileges -+ - accounts_no_uid_except_zero -+ - sudo_remove_nopasswd -+ - sudo_remove_no_authenticate -+ - sudo_require_authentication -+ -+ ### Audit -+ - package_rsyslog_installed -+ - service_rsyslog_enabled -+ - service_auditd_enabled -+ - var_auditd_flush=incremental_async -+ - auditd_data_retention_flush -+ - auditd_local_events -+ - auditd_write_logs -+ - auditd_log_format -+ - auditd_freq -+ - auditd_name_format -+ - audit_rules_login_events_tallylog -+ - audit_rules_login_events_faillock -+ - audit_rules_login_events_lastlog -+ - audit_rules_login_events -+ - audit_rules_time_adjtimex -+ - audit_rules_time_clock_settime -+ - audit_rules_time_watch_localtime -+ - audit_rules_time_settimeofday -+ - audit_rules_time_stime -+ - audit_rules_execution_restorecon -+ - audit_rules_execution_chcon -+ - audit_rules_execution_semanage -+ - 
audit_rules_execution_setsebool -+ - audit_rules_execution_setfiles -+ - audit_rules_execution_seunshare -+ - audit_rules_sysadmin_actions -+ - audit_rules_networkconfig_modification -+ - audit_rules_usergroup_modification -+ - audit_rules_dac_modification_chmod -+ - audit_rules_dac_modification_chown -+ - audit_rules_kernel_module_loading -+ -+ ### Secure access -+ - sshd_use_directory_configuration -+ - sshd_disable_root_login -+ - sshd_disable_gssapi_auth -+ - sshd_print_last_log -+ - sshd_do_not_permit_user_env -+ - sshd_disable_rhosts -+ - sshd_set_loglevel_info -+ - sshd_disable_empty_passwords -+ - sshd_disable_user_known_hosts -+ - sshd_enable_strictmodes -+ -+ # See also: https://www.cyber.gov.au/acsc/view-all-content/guidance/asd-approved-cryptographic-algorithms -+ - var_system_crypto_policy=default_nosha1 -+ - configure_crypto_policy -+ - configure_ssh_crypto_policy -+ -+ ### Application whitelisting -+ - package_fapolicyd_installed -+ - service_fapolicyd_enabled -+ -+ ### Backup -+ - package_rear_installed ++ # Following rules are not applicable to RHEL ++ - '!package_talk_removed' ++ - '!package_talk-server_removed' diff --git a/products/almalinux9/profiles/hipaa.profile b/products/almalinux9/profiles/hipaa.profile -new file mode 100644 -index 000000000..7fd934311 ---- /dev/null +index 9bfea9819..5cc5968e1 100644 +--- a/products/almalinux9/profiles/hipaa.profile 
+++ b/products/almalinux9/profiles/hipaa.profile -@@ -0,0 +1,160 @@ -+documentation_complete: True -+ -+metadata: -+ SMEs: +@@ -1,8 +1,9 @@ ++--- + documentation_complete: true + + metadata: + SMEs: +- - sej7278 + - jjaswanson4 -+ -+reference: https://www.hhs.gov/hipaa/for-professionals/index.html -+ -+title: 'Health Insurance Portability and Accountability Act (HIPAA)' -+ -+description: |- -+ The HIPAA Security Rule establishes U.S. national standards to protect individuals’ -+ electronic personal health information that is created, received, used, or -+ maintained by a covered entity. The Security Rule requires appropriate -+ administrative, physical and technical safeguards to ensure the -+ confidentiality, integrity, and security of electronic protected health -+ information. -+ -+ This profile configures AlmaLinux 9 to the HIPAA Security -+ Rule identified for securing of electronic protected health information. -+ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s). -+ -+selections: -+ - grub2_password -+ - grub2_uefi_password -+ - file_groupowner_grub2_cfg -+ - file_owner_grub2_cfg -+ - grub2_disable_interactive_boot -+ - no_direct_root_logins -+ - no_empty_passwords -+ - require_singleuser_auth -+ - restrict_serial_port_logins -+ - securetty_root_login_console_only -+ - service_debug-shell_disabled -+ - disable_ctrlaltdel_reboot -+ - disable_ctrlaltdel_burstaction -+ - dconf_db_up_to_date -+ - dconf_gnome_remote_access_credential_prompt -+ - dconf_gnome_remote_access_encryption -+ - sshd_use_directory_configuration -+ - sshd_disable_empty_passwords -+ - sshd_disable_root_login -+ - libreswan_approved_tunnels + + reference: https://www.hhs.gov/hipaa/for-professionals/index.html + +@@ -18,144 +19,74 @@ description: |- + + This profile configures AlmaLinux OS 9 to the HIPAA Security + Rule identified for securing of electronic protected health information. 
+- Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s). ++ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s). + + selections: +- - grub2_password +- - grub2_uefi_password +- - file_groupowner_grub2_cfg +- - file_owner_grub2_cfg +- - grub2_disable_interactive_boot +- - no_direct_root_logins +- - no_empty_passwords +- - require_singleuser_auth +- - restrict_serial_port_logins +- - securetty_root_login_console_only +- - service_debug-shell_disabled +- - disable_ctrlaltdel_reboot +- - disable_ctrlaltdel_burstaction +- - dconf_db_up_to_date +- - dconf_gnome_remote_access_credential_prompt +- - dconf_gnome_remote_access_encryption +- - sshd_use_directory_configuration +- - sshd_disable_empty_passwords +- - sshd_disable_root_login +- - libreswan_approved_tunnels +- - no_rsh_trust_files +- - package_talk_removed +- - package_talk-server_removed +- - package_telnet_removed +- - package_telnet-server_removed +- - package_cron_installed +- - service_crond_enabled +- - service_telnet_disabled +- - use_kerberos_security_all_exports +- - var_authselect_profile=sssd +- - enable_authselect +- - disable_host_auth +- - sshd_allow_only_protocol2 +- - sshd_disable_compression +- - sshd_disable_gssapi_auth +- - sshd_disable_kerb_auth +- - sshd_do_not_permit_user_env +- - sshd_enable_strictmodes +- - sshd_enable_warning_banner +- - var_sshd_set_keepalive=1 +- - encrypt_partitions ++ - hipaa:all + - var_system_crypto_policy=fips +- - configure_crypto_policy +- - configure_ssh_crypto_policy +- - var_selinux_policy_name=targeted +- - var_selinux_state=enforcing +- - grub2_enable_selinux +- - sebool_selinuxuser_execheap +- - sebool_selinuxuser_execmod +- - sebool_selinuxuser_execstack +- - selinux_confinement_of_daemons +- - selinux_policytype +- - selinux_state +- - service_kdump_disabled +- - sysctl_fs_suid_dumpable +- - sysctl_kernel_dmesg_restrict +- - 
sysctl_kernel_exec_shield +- - sysctl_kernel_randomize_va_space +- - rpm_verify_hashes +- - rpm_verify_permissions +- - ensure_almalinux_gpgkey_installed +- - ensure_gpgcheck_globally_activated +- - ensure_gpgcheck_never_disabled +- - ensure_gpgcheck_local_packages +- - grub2_audit_argument +- - service_auditd_enabled +- - audit_rules_privileged_commands_sudo +- - audit_rules_privileged_commands_su +- - audit_rules_immutable +- - kernel_module_usb-storage_disabled +- - service_autofs_disabled +- - auditd_audispd_syslog_plugin_activated +- - rsyslog_remote_loghost +- - auditd_data_retention_flush +- - audit_rules_dac_modification_chmod +- - audit_rules_dac_modification_chown +- - audit_rules_dac_modification_fchmodat +- - audit_rules_dac_modification_fchmod +- - audit_rules_dac_modification_fchownat +- - audit_rules_dac_modification_fchown +- - audit_rules_dac_modification_fremovexattr +- - audit_rules_dac_modification_fsetxattr +- - audit_rules_dac_modification_lchown +- - audit_rules_dac_modification_lremovexattr +- - audit_rules_dac_modification_lsetxattr +- - audit_rules_dac_modification_removexattr +- - audit_rules_dac_modification_setxattr +- - audit_rules_execution_chcon +- - audit_rules_execution_restorecon +- - audit_rules_execution_semanage +- - audit_rules_execution_setsebool +- - audit_rules_file_deletion_events_renameat +- - audit_rules_file_deletion_events_rename +- - audit_rules_file_deletion_events_rmdir +- - audit_rules_file_deletion_events_unlinkat +- - audit_rules_file_deletion_events_unlink +- - audit_rules_kernel_module_loading_delete +- - audit_rules_kernel_module_loading_init +- - audit_rules_login_events_faillock +- - audit_rules_login_events_lastlog +- - audit_rules_login_events_tallylog +- - audit_rules_mac_modification +- - audit_rules_media_export +- - audit_rules_networkconfig_modification +- - audit_rules_privileged_commands_chage +- - audit_rules_privileged_commands_chsh +- - audit_rules_privileged_commands_crontab +- - 
audit_rules_privileged_commands_gpasswd +- - audit_rules_privileged_commands_newgrp +- - audit_rules_privileged_commands_pam_timestamp_check +- - audit_rules_privileged_commands_passwd +- - audit_rules_privileged_commands_postdrop +- - audit_rules_privileged_commands_postqueue +- - audit_rules_privileged_commands_ssh_keysign +- - audit_rules_privileged_commands_sudoedit +- - audit_rules_privileged_commands_umount +- - audit_rules_privileged_commands_unix_chkpwd +- - audit_rules_privileged_commands_userhelper +- - audit_rules_session_events +- - audit_rules_sysadmin_actions +- - audit_rules_system_shutdown +- - var_audit_failure_mode=panic +- - audit_rules_time_adjtimex +- - audit_rules_time_clock_settime +- - audit_rules_time_settimeofday +- - audit_rules_time_stime +- - audit_rules_time_watch_localtime +- - audit_rules_unsuccessful_file_modification_creat +- - audit_rules_unsuccessful_file_modification_ftruncate +- - audit_rules_unsuccessful_file_modification_openat +- - audit_rules_unsuccessful_file_modification_open_by_handle_at +- - audit_rules_unsuccessful_file_modification_open +- - audit_rules_unsuccessful_file_modification_truncate +- - audit_rules_usergroup_modification_group +- - audit_rules_usergroup_modification_gshadow +- - audit_rules_usergroup_modification_opasswd +- - audit_rules_usergroup_modification_passwd +- - audit_rules_usergroup_modification_shadow + - no_rsh_trust_files -+ - package_talk_removed -+ - package_talk-server_removed -+ - package_telnet_removed -+ - package_telnet-server_removed -+ - service_crond_enabled -+ - service_telnet_disabled -+ - use_kerberos_security_all_exports -+ - var_authselect_profile=sssd -+ - enable_authselect -+ - disable_host_auth -+ - sshd_allow_only_protocol2 -+ - sshd_disable_compression -+ - sshd_disable_gssapi_auth -+ - sshd_disable_kerb_auth -+ - sshd_do_not_permit_user_env -+ - sshd_enable_strictmodes -+ - sshd_enable_warning_banner -+ - var_sshd_set_keepalive=1 -+ - encrypt_partitions -+ - 
var_system_crypto_policy=fips -+ - configure_crypto_policy -+ - configure_ssh_crypto_policy -+ - var_selinux_policy_name=targeted -+ - var_selinux_state=enforcing -+ - grub2_enable_selinux -+ - sebool_selinuxuser_execheap -+ - sebool_selinuxuser_execmod -+ - sebool_selinuxuser_execstack -+ - selinux_confinement_of_daemons -+ - selinux_policytype -+ - selinux_state -+ - service_kdump_disabled -+ - sysctl_fs_suid_dumpable -+ - sysctl_kernel_dmesg_restrict -+ - sysctl_kernel_exec_shield -+ - sysctl_kernel_randomize_va_space -+ - rpm_verify_hashes -+ - rpm_verify_permissions -+ - ensure_almalinux_gpgkey_installed -+ - ensure_gpgcheck_globally_activated -+ - ensure_gpgcheck_never_disabled -+ - ensure_gpgcheck_local_packages -+ - grub2_audit_argument -+ - service_auditd_enabled -+ - audit_rules_privileged_commands_sudo -+ - audit_rules_privileged_commands_su -+ - audit_rules_immutable -+ - kernel_module_usb-storage_disabled -+ - service_autofs_disabled -+ - auditd_audispd_syslog_plugin_activated -+ - rsyslog_remote_loghost -+ - auditd_data_retention_flush -+ - audit_rules_dac_modification_chmod -+ - audit_rules_dac_modification_chown -+ - audit_rules_dac_modification_fchmodat -+ - audit_rules_dac_modification_fchmod -+ - audit_rules_dac_modification_fchownat -+ - audit_rules_dac_modification_fchown -+ - audit_rules_dac_modification_fremovexattr -+ - audit_rules_dac_modification_fsetxattr -+ - audit_rules_dac_modification_lchown -+ - audit_rules_dac_modification_lremovexattr -+ - audit_rules_dac_modification_lsetxattr -+ - audit_rules_dac_modification_removexattr -+ - audit_rules_dac_modification_setxattr -+ - audit_rules_execution_chcon -+ - audit_rules_execution_restorecon -+ - audit_rules_execution_semanage -+ - audit_rules_execution_setsebool -+ - audit_rules_file_deletion_events_renameat -+ - audit_rules_file_deletion_events_rename -+ - audit_rules_file_deletion_events_rmdir -+ - audit_rules_file_deletion_events_unlinkat -+ - audit_rules_file_deletion_events_unlink 
-+ - audit_rules_kernel_module_loading_delete -+ - audit_rules_kernel_module_loading_init -+ - audit_rules_login_events_faillock -+ - audit_rules_login_events_lastlog -+ - audit_rules_login_events_tallylog -+ - audit_rules_mac_modification -+ - audit_rules_media_export -+ - audit_rules_networkconfig_modification -+ - audit_rules_privileged_commands_chage -+ - audit_rules_privileged_commands_chsh -+ - audit_rules_privileged_commands_crontab -+ - audit_rules_privileged_commands_gpasswd -+ - audit_rules_privileged_commands_newgrp -+ - audit_rules_privileged_commands_pam_timestamp_check -+ - audit_rules_privileged_commands_passwd -+ - audit_rules_privileged_commands_postdrop -+ - audit_rules_privileged_commands_postqueue -+ - audit_rules_privileged_commands_ssh_keysign -+ - audit_rules_privileged_commands_sudoedit -+ - audit_rules_privileged_commands_umount -+ - audit_rules_privileged_commands_unix_chkpwd -+ - audit_rules_privileged_commands_userhelper -+ - audit_rules_session_events -+ - audit_rules_sysadmin_actions -+ - audit_rules_system_shutdown -+ - var_audit_failure_mode=panic -+ - audit_rules_time_adjtimex -+ - audit_rules_time_clock_settime -+ - audit_rules_time_settimeofday -+ - audit_rules_time_stime -+ - audit_rules_time_watch_localtime -+ - audit_rules_unsuccessful_file_modification_creat -+ - audit_rules_unsuccessful_file_modification_ftruncate -+ - audit_rules_unsuccessful_file_modification_openat -+ - audit_rules_unsuccessful_file_modification_open_by_handle_at -+ - audit_rules_unsuccessful_file_modification_open -+ - audit_rules_unsuccessful_file_modification_truncate -+ - audit_rules_usergroup_modification_group -+ - audit_rules_usergroup_modification_gshadow -+ - audit_rules_usergroup_modification_opasswd -+ - audit_rules_usergroup_modification_passwd -+ - audit_rules_usergroup_modification_shadow ++ - "!audit_rules_dac_modification_fchmodat2" ++ - "!audit_rules_file_deletion_events_renameat2" ++ - "!audit_rules_kernel_module_loading_finit" ++ - 
"!audit_rules_mac_modification_usr_share" ++ - "!audit_rules_privileged_commands_unix2_chkpwd" ++ - "!audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat" ++ - "!audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write" ++ - "!audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order" ++ - "!audit_rules_unsuccessful_file_modification_open_o_creat" ++ - "!audit_rules_unsuccessful_file_modification_open_o_trunc_write" ++ - "!audit_rules_unsuccessful_file_modification_open_rule_order" ++ - "!audit_rules_unsuccessful_file_modification_openat_o_creat" ++ - "!audit_rules_unsuccessful_file_modification_openat_o_trunc_write" ++ - "!audit_rules_unsuccessful_file_modification_openat_rule_order" ++ - "!audit_rules_unsuccessful_file_modification_rename" ++ - "!audit_rules_unsuccessful_file_modification_renameat" ++ - "!audit_rules_unsuccessful_file_modification_unlink" ++ - "!audit_rules_unsuccessful_file_modification_unlinkat" ++ - "!auditd_data_retention_action_mail_acct" ++ - "!auditd_data_retention_admin_space_left_action" ++ - "!auditd_data_retention_max_log_file_action" ++ - "!auditd_data_retention_max_log_file_action_stig" ++ - "!auditd_data_retention_space_left_action" ++ - "!coreos_audit_option" ++ - "!coreos_disable_interactive_boot" ++ - "!coreos_enable_selinux_kernel_argument" ++ - "!coreos_nousb_kernel_argument" ++ - "!ensure_fedora_gpgkey_installed" ++ - "!ensure_gpgcheck_repo_metadata" ++ - "!ensure_suse_gpgkey_installed" ++ - "!file_groupowner_user_cfg" ++ - "!file_owner_user_cfg" ++ - "!file_permissions_grub2_cfg" ++ - "!file_permissions_user_cfg" ++ - "!grub2_admin_username" ++ - "!grub2_uefi_admin_username" ++ - "!grub2_uefi_password" ++ - "!package_audit-audispd-plugins_installed" ++ - "!package_audit_installed" ++ - "!package_rsh-server_removed" ++ - "!package_rsh_removed" ++ - "!package_rsyslog_installed" ++ - "!package_talk-server_removed" ++ - "!package_talk_removed" ++ - "!package_tcp_wrappers_removed" 
++ - "!package_xinetd_removed" ++ - "!package_ypbind_removed" ++ - "!package_ypserv_removed" ++ - "!partition_for_var_log_audit" ++ - "!require_emergency_target_auth" ++ - "!service_cron_enabled" ++ - "!service_rexec_disabled" ++ - "!service_rlogin_disabled" ++ - "!service_rsh_disabled" ++ - "!service_rsyslog_enabled" ++ - "!service_xinetd_disabled" ++ - "!service_ypbind_disabled" ++ - "!service_zebra_disabled" ++ - "!sshd_disable_rhosts_rsa" ++ - "!sshd_disable_user_known_hosts" ++ - "!sshd_set_keepalive" ++ - "!sshd_set_keepalive_0" ++ - "!sshd_use_approved_ciphers" ++ - "!sshd_use_approved_macs" ++ - "!sshd_use_priv_separation" diff --git a/products/almalinux9/profiles/ism_o.profile b/products/almalinux9/profiles/ism_o.profile new file mode 100644 -index 000000000..eace750ae +index 000000000..098fb1c74 --- /dev/null +++ b/products/almalinux9/profiles/ism_o.profile -@@ -0,0 +1,138 @@ +@@ -0,0 +1,81 @@ ++--- +documentation_complete: true + +metadata: 
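Review bot: The rewritten e8.profile and hipaa.profile drop the explicit `ensure_almalinux_gpgkey_installed` selection that their removed lists carried and rely on `e8:all` and `hipaa:all` instead, with no AlmaLinux key rule re-added; the anssi_bp28_minimal hunk earlier on this page handles the same situation by adding `- ensure_almalinux_gpgkey_installed` next to `'!ensure_oracle_gpgkey_installed'`. Unless the shared control files resolve the vendor key rule per product (not visible here), these two profiles would stop verifying that the AlmaLinux signing key is installed, which weakens the package-integrity checks both baselines rest on. The hipaa exclusions also include `"!package_audit_installed"`, `"!package_rsyslog_installed"` and `"!service_rsyslog_enabled"`, which look copied from a base profile rather than intended for a HIPAA baseline and should be confirmed. The ism_o.profile section at the end of the hunk continues past it.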
@@ -13673,135 +18824,78 @@ index 000000000..eace750ae +title: 'Australian Cyber Security Centre (ACSC) ISM Official' + +description: |- -+ This profile contains configuration checks for AlmaLinux 9 -+ that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM) -+ with the applicability marking of OFFICIAL. ++ This profile contains configuration checks for AlmaLinux OS 9 ++ that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM) ++ with the applicability marking of OFFICIAL. + -+ The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning -+ AlmaLinux security controls with the ISM, which can be used to select controls -+ specific to an organisation's security posture and risk profile. ++ The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning ++ AlmaLinux OS security controls with the ISM, which can be used to select controls ++ specific to an organisation's security posture and risk profile. 
+ -+ A copy of the ISM can be found at the ACSC website: ++ A copy of the ISM can be found at the ACSC website: + -+ https://www.cyber.gov.au/ism ++ https://www.cyber.gov.au/ism + +extends: e8 + +selections: -+ -+ ## Operating system configuration -+ ## Identifiers 1491 -+ - no_shelllogin_for_systemaccounts -+ -+ ## Local administrator accounts -+ ## Identifiers 1382 / 1410 -+ - accounts_password_all_shadowed -+ - package_sudo_installed -+ -+ ## Content filtering & Anti virus -+ ## Identifiers 0576 / 1341 / 1034 / 1417 / 1288 -+ - package_aide_installed -+ -+ ## Software firewall -+ ## Identifiers 1416 -+ - configure_firewalld_ports -+ ## Removing due to build error -+ ## - configure_firewalld_rate_limiting -+ - firewalld_sshd_port_enabled -+ - set_firewalld_default_zone -+ -+ ## Endpoint device control software -+ ## Identifiers 1418 -+ - package_usbguard_installed -+ - service_usbguard_enabled -+ - usbguard_allow_hid_and_hub -+ -+ ## Authentication hardening -+ ## Identifiers 1546 / 0974 / 1173 / 1504 / 1505 / 1401 / 1559 / 1560 -+ ## 1561 / 1546 / 0421 / 1557 / 0422 / 1558 / 1403 / 0431 -+ - sshd_use_directory_configuration -+ - sshd_max_auth_tries_value=5 -+ - disable_host_auth -+ - require_emergency_target_auth -+ - require_singleuser_auth -+ - sshd_disable_kerb_auth -+ - sshd_set_max_auth_tries -+ -+ ## Password authentication & Protecting credentials -+ ## Identifiers 0421 / 0431 / 0418 / 1402 -+ - var_password_pam_minlen=14 -+ - var_accounts_password_warn_age_login_defs=7 -+ - var_accounts_minimum_age_login_defs=1 -+ - var_accounts_maximum_age_login_defs=60 -+ - var_authselect_profile=sssd -+ - enable_authselect -+ - accounts_password_warn_age_login_defs -+ - accounts_maximum_age_login_defs -+ - accounts_minimum_age_login_defs -+ - accounts_passwords_pam_faillock_interval -+ - accounts_passwords_pam_faillock_unlock_time -+ - accounts_passwords_pam_faillock_deny -+ - accounts_passwords_pam_faillock_deny_root -+ - accounts_password_pam_minlen -+ -+ ## 
Centralised logging facility -+ ## Identifiers 1405 / 0988 -+ - rsyslog_cron_logging -+ - rsyslog_files_groupownership -+ - rsyslog_files_ownership -+ - rsyslog_files_permissions -+ - rsyslog_nolisten -+ - rsyslog_remote_loghost -+ - rsyslog_remote_tls -+ - rsyslog_remote_tls_cacert -+ - package_chrony_installed -+ - service_chronyd_enabled -+ # - chronyd_specify_multiple_servers -+ - chronyd_specify_remote_server -+ -+ ## Events to be logged -+ ## Identifiers 0580 / 0584 / 0582 / 0585 / 0586 / 0846 / 0957 -+ - sshd_print_last_log -+ - sebool_auditadm_exec_content -+ - audit_rules_privileged_commands -+ - audit_rules_session_events -+ - audit_rules_unsuccessful_file_modification -+ - audit_access_failed -+ - audit_access_success -+ -+ ## Web application & Database servers -+ ## Identifiers 1552 / 1277 -+ -+ ## Network design and configuration -+ ## Identifiers 1055 / 1311 -+ - network_nmcli_permissions -+ - service_snmpd_disabled -+ - snmpd_use_newer_protocol -+ -+ ## Wireless networks -+ ## Identifiers 1315 -+ - wireless_disable_interfaces -+ -+ ## ASD Approved Cryptographic Algorithms -+ ## Identifiers 0471 / 0472 / 0473 / 0474 / 0475 / 0476 / 0477 / -+ ## 0479 / 0480 / 0481 / 0489 / 0497 / 0994 / 0998 / 1001 / 1139 / -+ ## 1372 / 1373 / 1374 / 1375 -+ - enable_fips_mode -+ - var_system_crypto_policy=fips -+ - configure_crypto_policy -+ -+ ## Secure Shell access -+ ## Identifiers 0484 / 1506 / 1449 / 0487 -+ - sshd_allow_only_protocol2 -+ - sshd_enable_warning_banner -+ - sshd_disable_x11_forwarding -+ - file_permissions_sshd_private_key ++ - ism_o:all ++ - '!accounts_password_pam_ocredit' ++ - '!audit_rules_unsuccessful_file_modification_truncate' ++ - '!set_password_hashing_algorithm_systemauth' ++ - '!network_ipv6_static_address' ++ - '!audit_rules_unsuccessful_file_modification_ftruncate' ++ - '!kerberos_disable_no_keytab' ++ - '!audit_access_success_aarch64' ++ - '!audit_rules_unsuccessful_file_modification_creat' ++ - '!sebool_kerberos_enabled' ++ - 
'!force_opensc_card_drivers' ++ - '!package_subscription-manager_installed' ++ - '!system_booted_in_fips_mode' ++ - '!accounts_password_pam_minclass' ++ - '!dnf-automatic_apply_updates' ++ - '!set_password_hashing_algorithm_passwordauth' ++ - '!chronyd_or_ntpd_specify_multiple_servers' ++ - '!sebool_authlogin_radius' ++ - '!configure_kerberos_crypto_policy' ++ - '!set_password_hashing_algorithm_libuserconf' ++ - '!audit_rules_unsuccessful_file_modification_openat' ++ - '!sssd_enable_smartcards' ++ - '!openssl_use_strong_entropy' ++ - '!accounts_password_pam_ucredit' ++ - '!service_chronyd_or_ntpd_enabled' ++ - '!package_opensc_installed' ++ - '!accounts_password_pam_lcredit' ++ - '!enable_ldap_client' ++ - '!package_libdnf-plugin-subscription-manager_installed' ++ - '!sebool_authlogin_nsswitch_use_ldap' ++ - '!chronyd_configure_pool_and_server' ++ - '!set_password_hashing_algorithm_logindefs' ++ - '!service_pcscd_enabled' ++ - '!accounts_passwords_pam_tally2_unlock_time' ++ - '!package_pcsc-lite-ccid_installed' ++ - '!package_pcsc-lite_installed' ++ - '!audit_rules_unsuccessful_file_modification_open' ++ - '!configure_opensc_card_drivers' ++ - '!audit_access_success_ppc64le' ++ - '!accounts_password_pam_dcredit' ++ - '!accounts_passwords_pam_tally2_deny_root' ++ - '!audit_access_failed_ppc64le' ++ - '!audit_access_failed_aarch64' ++ - '!secure_boot_enabled' ++ - '!audit_rules_unsuccessful_file_modification_open_by_handle_at' ++ - '!accounts_password_minlen_login_defs' ++ - '!package_ypbind_removed' ++ - '!package_ypbind_removed' ++ - '!package_xinetd_removed' ++ - '!service_xinetd_disabled' diff --git a/products/almalinux9/profiles/ospp.profile b/products/almalinux9/profiles/ospp.profile new file mode 100644 -index 000000000..87ab9d31b +index 000000000..d09ce5be7 --- /dev/null +++ b/products/almalinux9/profiles/ospp.profile -@@ -0,0 +1,343 @@ +@@ -0,0 +1,27 @@ ++--- +documentation_complete: true + +metadata: 
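Review bot: `'!package_ypbind_removed'` is listed twice at the end of the new ism_o.profile selections; the second occurrence should be dropped. The rewritten profile now selects `ism_o:all` and then excludes some forty rules without a single comment, unlike the pci-dss.profile section of this same patch, which annotates each group of exclusions with its reason. Because exclusions such as `'!system_booted_in_fips_mode'`, `'!secure_boot_enabled'` and `'!openssl_use_strong_entropy'` remove checks the profile would otherwise carry, a one-line reason per group (for example `# rule not yet applicable to the almalinux9 product` where that is the case) would let a reader tell a deliberate waiver from a rebase artifact.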
@@ -13824,427 +18918,127 @@ index 000000000..87ab9d31b + configuration, based on Configuration Annex to the OSPP. + +selections: -+ -+ ####################################################### -+ ### GENERAL REQUIREMENTS -+ ### Things needed to meet OSPP functional requirements. -+ ####################################################### -+ -+ ### Partitioning -+ - partition_for_var_log_audit -+ - mount_option_var_log_audit_nodev -+ - mount_option_var_log_audit_nosuid -+ - mount_option_var_log_audit_noexec -+ -+ ### Services -+ # sshd -+ - sshd_use_directory_configuration -+ - sshd_disable_root_login -+ - disable_host_auth -+ - sshd_disable_empty_passwords -+ - sshd_disable_kerb_auth -+ - sshd_disable_gssapi_auth -+ - sshd_rekey_limit -+ - var_rekey_limit_size=1G -+ - var_rekey_limit_time=1hour -+ -+ # Time Server -+ - chronyd_client_only -+ -+ ### systemd -+ - disable_ctrlaltdel_reboot -+ - disable_ctrlaltdel_burstaction -+ - service_debug-shell_disabled -+ - grub2_systemd_debug-shell_argument_absent -+ -+ ### Software update -+ - ensure_almalinux_gpgkey_installed -+ - ensure_gpgcheck_globally_activated -+ - ensure_gpgcheck_local_packages -+ - ensure_gpgcheck_never_disabled -+ -+ ### Kernel Config -+ ## Boot prompt -+ - grub2_audit_argument -+ - grub2_audit_backlog_limit_argument -+ - grub2_vsyscall_argument -+ - grub2_init_on_alloc_argument -+ - grub2_page_alloc_shuffle_argument -+ -+ ## Security Settings -+ - sysctl_kernel_kptr_restrict -+ - sysctl_kernel_dmesg_restrict -+ - sysctl_kernel_kexec_load_disabled -+ - sysctl_kernel_yama_ptrace_scope -+ - sysctl_kernel_perf_event_paranoid -+ - sysctl_user_max_user_namespaces -+ - sysctl_kernel_unprivileged_bpf_disabled_accept_default -+ - sysctl_kernel_unprivileged_bpf_disabled_value=2 -+ - service_kdump_disabled -+ -+ ### Audit -+ - service_auditd_enabled -+ - var_auditd_flush=incremental_async -+ - auditd_data_retention_flush -+ - auditd_log_format -+ - auditd_freq -+ - auditd_name_format -+ -+ ### Module Disabled -+ - 
kernel_module_bluetooth_disabled -+ - kernel_module_sctp_disabled -+ - kernel_module_can_disabled -+ - kernel_module_tipc_disabled -+ -+ ### rpcbind -+ -+ ### Install Required Packages -+ - package_dnf-automatic_installed -+ - package_subscription-manager_installed -+ - package_firewalld_installed -+ - package_openscap-scanner_installed -+ - package_sudo_installed -+ - package_usbguard_installed -+ - package_scap-security-guide_installed -+ - package_audit_installed -+ - package_crypto-policies_installed -+ - package_openssh-server_installed -+ - package_openssh-clients_installed -+ - package_chrony_installed -+ - package_gnutls-utils_installed -+ -+ ### Login -+ - sysctl_kernel_core_pattern_empty_string -+ - sysctl_kernel_core_uses_pid -+ - service_systemd-coredump_disabled -+ - var_authselect_profile=minimal ++ - ospp:all + - enable_authselect -+ - use_pam_wheel_for_su -+ -+ ### SELinux Configuration -+ - var_selinux_state=enforcing -+ - selinux_state -+ - var_selinux_policy_name=targeted -+ - selinux_policytype -+ -+ ### Application Whitelisting (RHEL 9) -+ - package_fapolicyd_installed -+ - service_fapolicyd_enabled -+ -+ ### Configure USBGuard -+ - service_usbguard_enabled -+ - configure_usbguard_auditbackend -+ - usbguard_allow_hid_and_hub -+ -+ -+ ### Enable / Configure FIPS -+ - enable_fips_mode -+ - var_system_crypto_policy=fips_ospp -+ - configure_crypto_policy -+ - configure_ssh_crypto_policy -+ - configure_openssl_crypto_policy -+ - enable_dracut_fips_module -+ -+ ####################################################### -+ ### CONFIGURATION ANNEX TO THE PROTECTION PROFILE -+ ### FOR GENERAL PURPOSE OPERATING SYSTEMS -+ ### ANNEX RELEASE 1 -+ ### FOR PROTECTION PROFILE VERSIONS 4.2 -+ ### -+ ### https://www.niap-ccevs.org/MMO/PP/-442ConfigAnnex-/ -+ ####################################################### -+ -+ ## Configure Minimum Password Length to 12 Characters -+ ## IA-5 (1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_password_pam_minlen=12 -+ - 
accounts_password_pam_minlen -+ -+ ## Require at Least 1 Special Character in Password -+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_password_pam_ocredit=1 -+ - accounts_password_pam_ocredit -+ -+ ## Require at Least 1 Numeric Character in Password -+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_password_pam_dcredit=1 -+ - accounts_password_pam_dcredit -+ -+ ## Require at Least 1 Uppercase Character in Password -+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_password_pam_ucredit=1 -+ - accounts_password_pam_ucredit -+ -+ ## Require at Least 1 Lowercase Character in Password -+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_password_pam_lcredit=1 -+ - accounts_password_pam_lcredit -+ -+ ## Enable Screen Lock -+ ## FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - logind_session_timeout -+ ## Set Screen Lock Timeout Period to 30 Minutes or Less -+ ## AC-11(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - var_logind_session_timeout=30_minutes -+ -+ ## Disable Unauthenticated Login (such as Guest Accounts) -+ ## FIA_UAU.1 -+ - require_singleuser_auth -+ - grub2_disable_recovery -+ - grub2_uefi_password -+ - no_empty_passwords -+ -+ ## Set Maximum Number of Authentication Failures to 3 Within 15 Minutes -+ ## AC-7 / FIA_AFL.1 -+ - var_accounts_passwords_pam_faillock_deny=3 -+ - accounts_passwords_pam_faillock_deny -+ - var_accounts_passwords_pam_faillock_fail_interval=900 -+ - accounts_passwords_pam_faillock_interval -+ - var_accounts_passwords_pam_faillock_unlock_time=never -+ - accounts_passwords_pam_faillock_unlock_time -+ -+ ## Enable Host-Based Firewall -+ ## SC-7(12) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ - service_firewalld_enabled -+ -+ ## Configure Name/Addres of Remote Management Server -+ ## From Which to Receive Config Settings -+ ## CM-3(3) / FMT_MOF_EXT.1 -+ # Management server not selected in FTP_ITC_EXT.1 -+ -+ ## Configure the System to Offload Audit Records to a Log -+ ## Server -+ ## AU-4(1) / FAU_GEN.1.1.c -+ # Audit server not selected 
in FTP_ITC_EXT.1 -+ -+ ## Set Logon Warning Banner -+ ## AC-8(a) / FMT_MOF_EXT.1 (FTA_TAB.1) -+ - sshd_enable_warning_banner -+ -+ ## Audit All Logons (Success/Failure) and Logoffs (Success) -+ ## CNSSI 1253 Value or DoD-Specific Values: -+ ## (1) Logons (Success/Failure) -+ ## (2) Logoffs (Success) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ -+ ## Audit File and Object Events (Unsuccessful) -+ ## CNSSI 1253 Value or DoD-specific Values: -+ ## (1) Create (Success/Failure) -+ ## (2) Access (Success/Failure) -+ ## (3) Delete (Sucess/Failure) -+ ## (4) Modify (Success/Failure) -+ ## (5) Permission Modification (Sucess/Failure) -+ ## (6) Ownership Modification (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ ## -+ ## -+ ## (1) Create (Success/Failure) -+ ## (open with O_CREAT) -+ ## (2) Access (Success/Failure) -+ ## (3) Delete (Success/Failure) -+ ## (4) Modify (Success/Failure) -+ ## (5) Permission Modification (Success/Failure) -+ ## (6) Ownership Modification (Success/Failure) -+ -+ ## Audit User and Group Management Events (Success/Failure) -+ ## CNSSI 1253 Value or DoD-specific Values: -+ ## (1) User add, delete, modify, disable, enable (Success/Failure) -+ ## (2) Group/Role add, delete, modify (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ ## -+ ## Generic User and Group Management Events (Success/Failure) -+ ## Selection of setuid programs that relate to -+ ## user accounts. 
-+ ## -+ ## CNSSI 1253: (1) User add, delete, modify, disable, enable (Success/Failure) -+ ## -+ ## CNSSI 1252: (2) Group/Role add, delete, modify (Success/Failure) -+ ## -+ ## Audit Privilege or Role Escalation Events (Success/Failure) -+ ## CNSSI 1253 Value or DoD-specific Values: -+ ## - Privilege/Role escalation (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ ## Audit All Audit and Log Data Accesses (Success/Failure) -+ ## CNSSI 1253 Value or DoD-specific Values: -+ ## - Audit and log data access (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ ## Audit Cryptographic Verification of Software (Success/Failure) -+ ## CNSSI 1253 Value or DoD-specific Values: -+ ## - Applications (e.g. Firefox, Internet Explorer, MS Office Suite, -+ ## etc) initialization (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ ## Audit Kernel Module Loading and Unloading Events (Success/Failure) -+ ## AU-2(a) / FAU_GEN.1.1.c -+ - audit_basic_configuration -+ - audit_immutable_login_uids -+ - audit_create_failed -+ - audit_create_failed_aarch64 -+ - audit_create_failed_ppc64le -+ - audit_create_success -+ - audit_create_success_aarch64 -+ - audit_create_success_ppc64le -+ - audit_modify_failed -+ - audit_modify_failed_aarch64 -+ - audit_modify_failed_ppc64le -+ - audit_modify_success -+ - audit_modify_success_aarch64 -+ - audit_modify_success_ppc64le -+ - audit_access_failed -+ - audit_access_failed_aarch64 -+ - audit_access_failed_ppc64le -+ - audit_access_success -+ - audit_access_success.severity=info -+ - audit_access_success.role=unscored -+ - audit_access_success_aarch64 -+ - audit_access_success_aarch64.severity=info -+ - audit_access_success_aarch64.role=unscored -+ - audit_access_success_ppc64le -+ - audit_access_success_ppc64le.severity=info -+ - audit_access_success_ppc64le.role=unscored -+ - audit_delete_failed -+ - audit_delete_failed_aarch64 -+ - audit_delete_failed_ppc64le -+ - audit_delete_success -+ - audit_delete_success_aarch64 -+ - audit_delete_success_ppc64le -+ 
- audit_perm_change_failed -+ - audit_perm_change_failed_aarch64 -+ - audit_perm_change_failed_ppc64le -+ - audit_perm_change_success -+ - audit_perm_change_success_aarch64 -+ - audit_perm_change_success_ppc64le -+ - audit_owner_change_failed -+ - audit_owner_change_failed_aarch64 -+ - audit_owner_change_failed_ppc64le -+ - audit_owner_change_success -+ - audit_owner_change_success_aarch64 -+ - audit_owner_change_success_ppc64le -+ - audit_ospp_general -+ - audit_ospp_general_aarch64 -+ - audit_ospp_general_ppc64le -+ - audit_module_load -+ - audit_module_load_ppc64le -+ -+ ## Enable Automatic Software Updates -+ ## SI-2 / FMT_MOF_EXT.1 (FMT_SMF_EXT.1) -+ # Configure dnf-automatic to Install Available Updates Automatically -+ - dnf-automatic_apply_updates -+ -+ # Enable dnf-automatic Timer -+ - timer_dnf-automatic_enabled -+ -+ # set ssh client rekey limit -+ - ssh_client_rekey_limit -+ - var_ssh_client_rekey_limit_size=1G -+ - var_ssh_client_rekey_limit_time=1hour -+ -+ # zIPl specific rules -+ - zipl_bls_entries_only -+ - zipl_bootmap_is_up_to_date -+ - zipl_audit_argument -+ - zipl_audit_backlog_limit_argument -+ - zipl_init_on_alloc_argument -+ - zipl_page_alloc_shuffle_argument -+ - zipl_systemd_debug-shell_argument_absent ++ - var_authselect_profile=minimal ++ - '!package_dnf-plugin-subscription-manager_installed' diff --git a/products/almalinux9/profiles/pci-dss.profile b/products/almalinux9/profiles/pci-dss.profile -new file mode 100644 -index 000000000..63e40ce0b ---- /dev/null +index 6f933a6a2..f4ca7a148 100644 +--- a/products/almalinux9/profiles/pci-dss.profile 
+++ b/products/almalinux9/profiles/pci-dss.profile -@@ -0,0 +1,70 @@ -+documentation_complete: true -+ -+metadata: -+ version: '4.0.1' -+ SMEs: +@@ -1,13 +1,16 @@ ++--- + documentation_complete: true + + metadata: + version: '4.0.1' + SMEs: +- - sej7278 + - marcusburghardt + - mab879 + - vojtapolasek -+ -+reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf -+ + + reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf + +-title: 'PCI-DSS v4.0.1 Control Baseline for AlmaLinux OS 9' +title: 'PCI-DSS v4.0.1 Control Baseline for Red Hat Enterprise Linux 9' -+ -+description: |- -+ Payment Card Industry - Data Security Standard (PCI-DSS) is a set of -+ security standards designed to ensure the secure handling of payment card -+ data, with the goal of preventing data breaches and protecting sensitive -+ financial information. -+ + + description: |- + Payment Card Industry - Data Security Standard (PCI-DSS) is a set of +@@ -15,19 +18,18 @@ description: |- + data, with the goal of preventing data breaches and protecting sensitive + financial information. + +- This profile ensures AlmaLinux OS 9 is configured in alignment + This profile ensures Red Hat Enterprise Linux 9 is configured in alignment -+ with PCI-DSS v4.0.1 requirements. -+ -+selections: -+ - pcidss_4:all + with PCI-DSS v4.0.1 requirements. + + selections: + - pcidss_4:all +- # audit-audispd-plugins package does not exist in AlmaLinux OS 9 + # audit-audispd-plugins package does not exist in RHEL 9 -+ # use only package_audispd-plugins_installed -+ - '!package_audit-audispd-plugins_installed' -+ # More tests are needed to identify which rule is conflicting with rpm_verify_permissions. 
-+ # https://github.com/ComplianceAsCode/content/issues/11285 -+ - '!rpm_verify_permissions' + # use only package_audispd-plugins_installed + - '!package_audit-audispd-plugins_installed' + # More tests are needed to identify which rule is conflicting with rpm_verify_permissions. + # https://github.com/ComplianceAsCode/content/issues/11285 + - '!rpm_verify_permissions' +- # these rules do not apply to AlmaLinux but they have to keep the prodtype for historical reasons +- # most of these packages are no longer available in EL9 distributions + # these rules do not apply to RHEL but they have to keep the prodtype for historical reasons -+ - '!package_audit-audispd-plugins_installed' -+ - '!service_ntp_enabled' -+ - '!ntpd_specify_remote_server' -+ - '!ntpd_specify_multiple_servers' -+ - '!set_ipv6_loopback_traffic' -+ - '!set_loopback_traffic' -+ - '!service_ntpd_enabled' -+ - '!package_ypserv_removed' -+ - '!package_ypbind_removed' -+ - '!package_talk_removed' -+ - '!package_talk-server_removed' -+ - '!package_xinetd_removed' -+ - '!package_rsh_removed' -+ - '!package_rsh-server_removed' + - '!package_audit-audispd-plugins_installed' + - '!service_ntp_enabled' + - '!ntpd_specify_remote_server' +@@ -42,7 +44,7 @@ selections: + - '!package_xinetd_removed' + - '!package_rsh_removed' + - '!package_rsh-server_removed' +- # Following rules once had a prodtype incompatible with the almalinux9 product + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!service_chronyd_or_ntpd_enabled' -+ - '!install_PAE_kernel_on_x86-32' -+ - '!mask_nonessential_services' -+ - '!aide_periodic_checking_systemd_timer' -+ - '!nftables_ensure_default_deny_policy' -+ - '!cracklib_accounts_password_pam_lcredit' -+ - '!file_owner_at_allow' -+ - '!ensure_firewall_rules_for_open_ports' -+ - '!cracklib_accounts_password_pam_retry' -+ - '!gnome_gdm_disable_guest_login' -+ - '!sshd_use_strong_kex' -+ - '!sshd_use_approved_macs' -+ - '!group_unique_name' -+ - 
'!permissions_local_var_log' -+ - '!sshd_use_approved_ciphers' -+ - '!accounts_passwords_pam_tally2' -+ - '!ensure_suse_gpgkey_installed' -+ - '!gnome_gdm_disable_unattended_automatic_login' -+ - '!accounts_passwords_pam_tally2_unlock_time' -+ - '!cracklib_accounts_password_pam_minlen' -+ - '!set_password_hashing_algorithm_commonauth' -+ - '!cracklib_accounts_password_pam_dcredit' -+ - '!ensure_shadow_group_empty' -+ - '!service_timesyncd_enabled' + - '!service_chronyd_or_ntpd_enabled' + - '!install_PAE_kernel_on_x86-32' + - '!mask_nonessential_services' +@@ -60,7 +62,7 @@ selections: + - '!sshd_use_approved_ciphers' + - '!accounts_passwords_pam_tally2' + - '!ensure_suse_gpgkey_installed' +- - '!ensure_redhat_gpgkey_installed' ++ - ensure_almalinux_gpgkey_installed + - '!gnome_gdm_disable_unattended_automatic_login' + - '!accounts_passwords_pam_tally2_unlock_time' + - '!cracklib_accounts_password_pam_minlen' +@@ -69,4 +71,5 @@ selections: + - '!ensure_shadow_group_empty' + - '!service_timesyncd_enabled' + - '!audit_rules_file_deletion_events_renameat2' ++ - '!audit_rules_mac_modification_etc_selinux' + - '!audit_rules_dac_modification_fchmodat2' +diff --git a/products/almalinux9/profiles/standard.profile b/products/almalinux9/profiles/standard.profile +deleted file mode 100644 +index 65b8739c2..000000000 +--- a/products/almalinux9/profiles/standard.profile ++++ /dev/null +@@ -1,16 +0,0 @@ +-documentation_complete: false +- +-title: 'Standard System Security Profile for AlmaLinux OS 9' +- +-description: |- +- This profile contains rules to ensure standard security baseline +- of an AlmaLinux OS 9 system. Regardless of your system's workload +- all of these checks should pass. +- +-selections: +- - sshd_disable_root_login +- - ensure_almalinux_gpgkey_installed +- - ensure_gpgcheck_globally_activated +- - ensure_gpgcheck_never_disabled +- - rpm_verify_permissions +- - security_patches_up_to_date 
diff --git a/products/almalinux9/profiles/stig.profile b/products/almalinux9/profiles/stig.profile new file mode 100644 -index 000000000..1ab6b2a63 +index 000000000..e7a50ba81 --- /dev/null +++ b/products/almalinux9/profiles/stig.profile -@@ -0,0 +1,30 @@ +@@ -0,0 +1,31 @@ ++--- +documentation_complete: true + +metadata: -+ version: V2R2 ++ version: V2R5 + SMEs: + - mab879 + - ggbecker + -+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux ++reference: https://www.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + +title: 'DISA STIG for Red Hat Enterprise Linux 9' + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG for Red Hat Enterprise Linux 9 V2R2. ++ DISA STIG for Red Hat Enterprise Linux 9 V2R5. + -+ In addition to being applicable to Red Hat Enterprise Linux 9, DISA recognizes this -+ configuration baseline as applicable to the operating system tier of ++ In addition to being applicable to Red Hat Enterprise Linux 9, this ++ configuration baseline is applicable to the operating system tier of + Red Hat technologies that are based on Red Hat Enterprise Linux 9, such as: + + - Red Hat Enterprise Linux Server @@ -14254,34 +19048,34 @@ index 000000000..1ab6b2a63 + - Red Hat Containers with a Red Hat Enterprise Linux 9 image + +selections: -+ - stig_rhel9:all ++ - stig_rhel9:all + # Following rules once had a prodtype incompatible with the rhel9 product -+ - '!audit_rules_immutable_login_uids' ++ - '!audit_rules_immutable_login_uids' diff --git a/products/almalinux9/profiles/stig_gui.profile b/products/almalinux9/profiles/stig_gui.profile new file mode 100644 -index 000000000..507cd07cb +index 000000000..a72416eb6 --- /dev/null 
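Review bot: The pci-dss.profile hunk now rewrites upstream's AlmaLinux OS 9 wording back to Red Hat Enterprise Linux 9 in the title, the description and two comments (`-title: 'PCI-DSS v4.0.1 Control Baseline for AlmaLinux OS 9'` becomes `+title: 'PCI-DSS v4.0.1 Control Baseline for Red Hat Enterprise Linux 9'`), which looks like a rebase artifact rather than an intended change; those lines should be dropped so the patch carries only its functional edits. Replacing `- '!ensure_redhat_gpgkey_installed'` with `- ensure_almalinux_gpgkey_installed` also removes the exclusion: if `pcidss_4:all` still selects `ensure_redhat_gpgkey_installed`, that rule comes back and will fail on AlmaLinux, so keeping both lines is safer. The newly added `'!audit_rules_mac_modification_etc_selinux'` exclusion and the deletion of standard.profile (which carried `sshd_disable_root_login` and `rpm_verify_permissions`) have no stated rationale; a short comment on the former and a sentence in the commit message on the latter would help.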
+++ b/products/almalinux9/profiles/stig_gui.profile -@@ -0,0 +1,51 @@ +@@ -0,0 +1,47 @@ ++--- +documentation_complete: true + +metadata: -+ version: V2R2 ++ version: V2R5 + SMEs: + - mab879 + - ggbecker + -+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux ++reference: https://www.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + +title: 'DISA STIG with GUI for Red Hat Enterprise Linux 9' + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG for Red Hat Enterprise Linux 9 V2R2. ++ DISA STIG for Red Hat Enterprise Linux 9 V2R5. + -+ -+ In addition to being applicable to Red Hat Enterprise Linux 9, DISA recognizes this -+ configuration baseline as applicable to the operating system tier of ++ In addition to being applicable to Red Hat Enterprise Linux 9, this ++ configuration baseline is applicable to the operating system tier of + Red Hat technologies that are based on Red Hat Enterprise Linux 9, such as: + + - Red Hat Enterprise Linux Server @@ -14308,155 +19102,82 @@ index 000000000..507cd07cb + # RHEL-09-215025 + - '!package_nfs-utils_removed' + -+ # RHEL-09-213105 -+ # Limiting user namespaces cause issues with user apps, such as Firefox and Cheese -+ # https://issues.redhat.com/browse/RHEL-10416 -+ - '!sysctl_user_max_user_namespaces' + # locking of idle sessions is handled by screensaver when GUI is present, the following rule is therefore redundant + - '!logind_session_timeout' diff --git a/products/almalinux9/transforms/constants.xslt b/products/almalinux9/transforms/constants.xslt -new file mode 100644 -index 000000000..9e1090184 ---- /dev/null +index 5b1f302d3..ef2de9c12 100644 +--- a/products/almalinux9/transforms/constants.xslt 
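Review bot: The almalinux9 stig_gui.profile keeps the title `'DISA STIG with GUI for Red Hat Enterprise Linux 9'` and a description that names only Red Hat technologies, and the stig.profile title just above has the same problem, while the pci-dss and ism_o profiles in this same patch name AlmaLinux OS 9. Since the selections come from `stig_rhel9:all` and the v2r5 reference files added later in this patch are symlinks to the rhel9 XCCDF, saying so is clearer, e.g. `title: 'DISA STIG with GUI for Red Hat Enterprise Linux 9 applied to AlmaLinux OS 9'` with a description sentence such as `This profile applies the DISA STIG for Red Hat Enterprise Linux 9 V2R5 to AlmaLinux OS 9.` The stig_gui.profile section continues into the next hunk.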
+++ b/products/almalinux9/transforms/constants.xslt -@@ -0,0 +1,13 @@ -+ -+ -+ -+ -+AlmaLinux 9 +@@ -3,10 +3,11 @@ + + + AlmaLinux OS 9 +-AlmaLinux 9 +-ALMALINUX_9_STIG +AL9 +AL_9_STIG -+almalinux9 -+ + almalinux9 + +-https://workbench.cisecurity.org/files/5425/download/7650 +https://www.cisecurity.org/benchmark/almalinuxos_linux/ + -+ -+ -diff --git a/products/almalinux9/transforms/table-style.xslt b/products/almalinux9/transforms/table-style.xslt -new file mode 100644 -index 000000000..8b6caeab8 ---- /dev/null -+++ b/products/almalinux9/transforms/table-style.xslt -@@ -0,0 +1,5 @@ -+ -+ -+ -+ -+ + + diff --git a/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt b/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt -new file mode 100644 -index 000000000..4789419b8 ---- /dev/null +index f2f1d725f..4789419b8 100644 +--- a/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt 
+++ b/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt -@@ -0,0 +1,8 @@ -+ -+ -+ -+ -+ +@@ -3,6 +3,6 @@ + + + +- + -+ -+ -diff --git a/products/almalinux9/transforms/xccdf2table-cce.xslt b/products/almalinux9/transforms/xccdf2table-cce.xslt -new file mode 100644 -index 000000000..f156a6695 ---- /dev/null -+++ b/products/almalinux9/transforms/xccdf2table-cce.xslt -@@ -0,0 +1,9 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt -new file mode 100644 -index 000000000..30419e92b ---- /dev/null -+++ b/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt -@@ -0,0 +1,9 @@ -+ -+ -+ -+ -+ -+ -+ -+ -+ -diff --git a/shared/checks/oval/installed_OS_is_almalinux9.xml b/shared/checks/oval/installed_OS_is_almalinux9.xml -new file mode 100644 -index 000000000..168031ef5 ---- /dev/null -+++ b/shared/checks/oval/installed_OS_is_almalinux9.xml -@@ -0,0 +1,36 @@ -+ -+ -+ -+ AlmaLinux 9 -+ -+ multi_platform_all -+ -+ -+ -+ The operating system installed on the system is -+ AlmaLinux 9 -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ ^9.*$ -+ -+ -+ almalinux-release -+ -+ -+ + + diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -index 19129cc69..683721b2b 100644 +index b718ded26..7f42310de 100644 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml 
+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -@@ -15,6 +15,7 @@ +@@ -16,6 +16,7 @@ multi_platform_ol multi_platform_rhcos multi_platform_rhel +multi_platform_almalinux multi_platform_rhv multi_platform_sle - multi_platform_slmicro5 -diff --git a/shared/references/disa-stig-almalinux9-v2r1-xccdf-scap.xml b/shared/references/disa-stig-almalinux9-v2r1-xccdf-scap.xml + multi_platform_slmicro +diff --git a/shared/references/disa-stig-almalinux8-v2r4-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r4-xccdf-manual.xml new file mode 120000 -index 000000000..50d6aa2ae +index 000000000..7b59256b3 --- /dev/null -+++ b/shared/references/disa-stig-almalinux9-v2r1-xccdf-scap.xml ++++ b/shared/references/disa-stig-almalinux8-v2r4-xccdf-manual.xml @@ -0,0 +1 @@ -+disa-stig-rhel9-v2r1-xccdf-scap.xml ++disa-stig-rhel8-v2r4-xccdf-manual.xml \ No newline at end of file -diff --git a/shared/references/disa-stig-almalinux9-v2r2-xccdf-manual.xml b/shared/references/disa-stig-almalinux9-v2r2-xccdf-manual.xml +diff --git a/shared/references/disa-stig-almalinux8-v2r4-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r4-xccdf-scap.xml new file mode 120000 -index 000000000..c75dee24b +index 000000000..20d17c72f --- /dev/null -+++ b/shared/references/disa-stig-almalinux9-v2r2-xccdf-manual.xml ++++ b/shared/references/disa-stig-almalinux8-v2r4-xccdf-scap.xml 
@@ -0,0 +1 @@ -+disa-stig-rhel9-v2r2-xccdf-manual.xml ++disa-stig-rhel8-v2r4-xccdf-scap.xml +\ No newline at end of file +diff --git a/shared/references/disa-stig-almalinux9-v2r5-xccdf-manual.xml b/shared/references/disa-stig-almalinux9-v2r5-xccdf-manual.xml +new file mode 120000 +index 000000000..1efa56321 +--- /dev/null ++++ b/shared/references/disa-stig-almalinux9-v2r5-xccdf-manual.xml +@@ -0,0 +1 @@ ++disa-stig-rhel9-v2r5-xccdf-manual.xml +\ No newline at end of file +diff --git a/shared/references/disa-stig-almalinux9-v2r5-xccdf-scap.xml b/shared/references/disa-stig-almalinux9-v2r5-xccdf-scap.xml +new file mode 120000 +index 000000000..f3602d379 +--- /dev/null ++++ b/shared/references/disa-stig-almalinux9-v2r5-xccdf-scap.xml +@@ -0,0 +1 @@ ++disa-stig-rhel9-v2r5-xccdf-scap.xml \ No newline at end of file diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml index e83699662..1efabcf62 100644 
@@ -14542,16 +19263,16 @@ index e83699662..1efabcf62 100644 set superusers="[someuniquestringhere]" export superusers -diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml -index e159256ef..4939cfe13 100644 ---- a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml -+++ b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml -@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 5000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. +-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. ++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. Generate an encrypted grub2 password for the grub superusers account with the following command: 
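Review bot: The new inner lines at the end of this hunk (`-If both … "100000" … /boot/efi/EFI/redhat/user.cfg` / `+If both … "100000" … /boot/efi/EFI/almalinux/user.cfg`) follow only the removal of the `diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml` header, and no replacement `diff`/`index`/`---`/`+++`/`@@` header for the OL8 reference is visible on the new side; unless it lands in an adjacent hunk, the embedded patch carries orphaned hunk lines and will not apply. The rule being edited is `OL08-00-010140` (Oracle Linux 8 STIG), whose published text names `/boot/efi/EFI/redhat/user.cfg`, so rewriting an OL8 DISA reference to `/boot/efi/EFI/almalinux/user.cfg` looks like a blanket search-and-replace rather than an intended AlmaLinux-specific change and should probably be reverted for the OL8 file. Hand-editing vendor-published STIG XML under shared/references also makes the file diverge from the DISA release it is named after; if a substitution is really needed for AlmaLinux, a short note in the patch description listing which reference files were modified and why would help later maintainers verify the change.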
@@ -14578,20 +19299,73 @@ index e159256ef..4939cfe13 100644 set superusers="[someuniqueUserNamehere]" export superusers -diff --git a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml -index 662cf8848..6dc6f2517 100644 ---- a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml -+++ b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml -@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 + + + CCI-000213 +- Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. ++ Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -12588,8 +12588,8 @@ The "logind" service must be restarted for the changes to take effect. 
To restar + + + +- +- ++ ++ + + + +@@ -20282,11 +20282,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi + + + +- ++ + + + +- ++ + + + +@@ -22168,12 +22168,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi + 1 + + +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$ + 1 + + +- /boot/efi/EFI/redhat/user.cfg ++ /boot/efi/EFI/almalinux/user.cfg + ^\s*GRUB2_PASSWORD=(\S+)\b + 1 + +diff --git a/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml +index ea46d8343..ae0897b61 100644 +--- a/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml ++++ b/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml +@@ -370,7 +370,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. -+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. +-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -384,7 +384,7 @@ Confirm password: - 2921 - - CCI-000213 -- Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. -+ Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. - - Generate an encrypted grub2 password for the grub superusers account with the following command: - -@@ -10262,11 +10262,11 @@ Passwords need to be protected at all times, and encryption is the standard meth - - If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. 
- -- -- -+ -+ - -- -- -+ -+ - - - -@@ -10902,7 +10902,7 @@ Configuration settings are the set of parameters that can be changed in hardware - The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. - - -- -+ - - - -@@ -14439,15 +14439,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi - - - -- -+ - - - -- -+ - - - -- -+ - - - -@@ -16259,18 +16259,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi - ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b - 1 - -- -- /boot/efi/EFI/redhat/grub.cfg -+ -+ /boot/efi/EFI/almalinux/grub.cfg - ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$ - 1 - -- -- /boot/efi/EFI/redhat/user.cfg -+ -+ /boot/efi/EFI/almalinux/user.cfg - ^\s*GRUB2_PASSWORD=(\S+)\b - 1 - -- -- /boot/efi/EFI/redhat/grub.cfg -+ -+ /boot/efi/EFI/almalinux/grub.cfg - - - /boot/grub2/grub.cfg -diff --git a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml -index 1c187bcb8..a494e13c3 100644 ---- a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml -+++ b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml -@@ -16677,7 +16677,8 @@ include "/etc/crypto-policies/back-ends/bind.config"; - - The operating system must use a Linux Security Module configured to enforce limits on system services. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SELINUX is active, enforcing, and configured to enforce - -@@ -20786,7 +20787,7 @@ include "/etc/crypto-policies/back-ends/bind.config"; - - - -- -+ - - - -@@ -20909,7 +20910,8 @@ include "/etc/crypto-policies/back-ends/bind.config"; - - RHEL-09-211010 - RHEL 9 must be a vendor-supported release. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. - -@@ -20923,7 +20925,8 @@ Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise - - RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented. - -@@ -20935,7 +20938,8 @@ Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise - - RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. - -@@ -20949,7 +20953,8 @@ The rngd service feeds random data from hardware device to kernel random device. - - RHEL-09-211040 - RHEL 9 systemd-journald service must be enabled. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes. - -@@ -20961,7 +20966,8 @@ The rngd service feeds random data from hardware device to kernel random device. - - RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. - -@@ -20975,7 +20981,8 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 - - RHEL-09-211050 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. - -@@ -20989,7 +20996,8 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 - - RHEL-09-211055 - RHEL 9 debug-shell systemd service must be disabled. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted. - -@@ -21003,7 +21011,8 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 - - RHEL-09-212010 - RHEL 9 must require a boot loader superuser password. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement. - -@@ -21017,7 +21026,8 @@ Password protection on the boot loader configuration ensures users with physical - - RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Using interactive or recovery boot, the console user could disable auditing, firewalls, or other services, weakening system security. - -@@ -21029,7 +21039,8 @@ Password protection on the boot loader configuration ensures users with physical - - RHEL-09-212025 - RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "root" group is a highly privileged group. Furthermore, the group-owner of this file should not have any access privileges anyway. - -@@ -21041,7 +21052,8 @@ Password protection on the boot loader configuration ensures users with physical - - RHEL-09-212030 - RHEL 9 /boot/grub2/grub.cfg file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The " /boot/grub2/grub.cfg" file stores sensitive system configuration. Protection of this file is critical for system security. - -@@ -21053,7 +21065,8 @@ Password protection on the boot loader configuration ensures users with physical - - RHEL-09-212035 - RHEL 9 must disable virtual system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - System calls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks. Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes. Virtual system calls map into user space a page that contains some variables and the implementation of some system calls. This allows the system calls to be executed in userspace to alleviate the context switching expense. - -@@ -21069,7 +21082,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 - - RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Poisoning writes an arbitrary value to freed pages, so any modification or reference to that page after being freed or before being initialized will be detected and prevented. This prevents many types of use-after-free vulnerabilities at little performance cost. Also prevents leak of data and detection of corrupted memory. - -@@ -21083,7 +21097,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 - - RHEL-09-212045 - RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Some adversaries launch attacks with the intent of executing code in nonexecutable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism. - -@@ -21101,7 +21116,8 @@ Satisfies: SRG-OS-000433-GPOS-00192, SRG-OS-000134-GPOS-00068 - - RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Kernel page-table isolation is a kernel feature that mitigates the Meltdown security vulnerability and hardens the kernel against attempts to bypass kernel address space layout randomization (KASLR). - -@@ -21115,7 +21131,8 @@ Satisfies: SRG-OS-000433-GPOS-00193, SRG-OS-000095-GPOS-00049 - - RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -21131,7 +21148,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. - -@@ -21151,7 +21169,8 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000138-GPOS-00069 - - RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. 
- -@@ -21171,7 +21190,8 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000138-GPOS-00069 - - RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. - -@@ -21187,7 +21207,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000366-GPOS-00153 - - RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Exposing kernel pointers (through procfs or "seq_printf()") exposes kernel writeable structures, which may contain functions pointers. If a write vulnerability occurs in the kernel, allowing write access to any of this structure, the kernel can be compromised. This option disallows any program without the CAP_SYSLOG capability to get the addresses of kernel pointers by replacing them with "0". - -@@ -21201,7 +21222,8 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000433-GPOS-00192, SRG-OS-000480-GPO - - RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigates vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat(). - -@@ -21215,7 +21237,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the user identifier (UID) of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat(). - -@@ -21229,7 +21252,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213040 - RHEL 9 must disable the kernel.core_pattern. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems. - -@@ -21241,7 +21265,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213045 - RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Disabling Asynchronous Transfer Mode (ATM) protects the system against exploitation of any flaws in its implementation. - -@@ -21253,7 +21278,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Disabling Controller Area Network (CAN) protects the system against exploitation of any flaws in its implementation. - -@@ -21265,7 +21291,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213055 - RHEL 9 must be configured to disable the FireWire kernel module. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Disabling firewire protects the system against exploitation of any flaws in its implementation. - -@@ -21277,7 +21304,8 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 - - RHEL-09-213060 - RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -21293,7 +21321,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d - - RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -21309,7 +21338,8 @@ The Transparent Inter Process Communication (TIPC) is a protocol that is special - - RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they have introduced into a process' address space during an attempt at exploitation. 
Additionally, ASLR makes it more difficult for an attacker to know the location of existing code in order to repurpose it using return oriented programming (ROP) techniques. - -@@ -21323,7 +21353,8 @@ Satisfies: SRG-OS-000433-GPOS-00193, SRG-OS-000480-GPOS-00227 - - RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Loading and accessing the packet filters programs and maps using the bpf() system call has the potential of revealing sensitive information about the kernel state. - -@@ -21337,7 +21368,8 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227 - - RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unrestricted usage of ptrace allows compromised binaries to run ptrace on other processes of the user. Like this, the attacker can steal sensitive information from the target processes (e.g., SSH sessions, web browser, etc.) without any additional assistance from the user (i.e., without resorting to phishing). - -@@ -21351,7 +21383,8 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227 - - RHEL-09-213085 - RHEL 9 must disable core dump backtraces. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers or system operators trying to debug problems. - -@@ -21365,7 +21398,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-213090 - RHEL 9 must disable storing core dumps. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A core dump includes a memory image taken at the time the operating system terminates an application. 
The memory image could contain sensitive data and is generally useful only for developers or system operators trying to debug problems. Enabling core dumps on production systems is not recommended; however, there may be overriding operational requirements to enable advanced debugging. Permitting temporary enablement of core dumps during such situations must be reviewed through local needs and policy. - -@@ -21377,7 +21411,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-213095 - RHEL 9 must disable core dumps for all users. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems. - -@@ -21389,7 +21424,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-213100 - RHEL 9 must disable acquiring, saving, and processing core dumps. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems. - -@@ -21401,7 +21437,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-213105 - RHEL 9 must disable the use of user namespaces. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - User namespaces are used primarily for Linux containers. The value "0" disallows the use of user namespaces. - -@@ -21413,7 +21450,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-213115 - The kdump service on RHEL 9 must be disabled. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition. Unless the system is used for kernel development or testing, there is little need to run the kdump service. - -@@ -21425,7 +21463,8 @@ Enabling core dumps on production systems is not recommended; however, there may - - RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. - -@@ -21441,7 +21480,8 @@ Verifying the authenticity of software prior to installation validates the integ - - RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. - -@@ -21457,7 +21497,8 @@ Verifying the authenticity of software prior to installation validates the integ - - RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Changes to any software components can have significant effects on the overall security of the operating system. 
This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. - -@@ -21473,7 +21514,8 @@ Verifying the authenticity of software prior to installation validates the integ - - RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by some adversaries. - -@@ -21485,7 +21527,8 @@ Verifying the authenticity of software prior to installation validates the integ - - RHEL-09-215010 - RHEL 9 subscription-manager package must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The Red Hat Subscription Manager application manages software subscriptions and software repositories for installed software products on the local system. It communicates with backend servers, such as the Red Hat Customer Portal or an on-premise instance of Subscription Asset Manager, to register the local system and grant access to software resources determined by the subscription entitlement. - -@@ -21497,7 +21540,8 @@ Verifying the authenticity of software prior to installation validates the integ - - RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service. 
- -@@ -21513,7 +21557,8 @@ Satisfies: SRG-OS-000074-GPOS-00042, SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPO - - RHEL-09-215020 - RHEL 9 must not have the sendmail package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The sendmail software was not developed with security in mind, and its design prevents it from being effectively contained by SELinux. Postfix must be used instead. - -@@ -21527,7 +21572,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000095-GPOS-00049 - - RHEL-09-215025 - RHEL 9 must not have the nfs-utils package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "nfs-utils" provides a daemon for the kernel NFS server and related tools. This package also contains the "showmount" program. "showmount" queries the mount daemon on a remote host for information about the Network File System (NFS) server on the remote host. For example, "showmount" can display the clients that are mounted on that host. - -@@ -21539,7 +21585,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000095-GPOS-00049 - - RHEL-09-215030 - RHEL 9 must not have the ypserv package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. - -@@ -21553,7 +21600,8 @@ Removing the "ypserv" package decreases the risk of the accidental (or intention - - RHEL-09-215035 - RHEL 9 must not have the rsh-server package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "rsh-server" service provides unencrypted remote access service, which does not provide for the confidentiality and integrity of user passwords or the remote session and has very weak authentication. If a privileged user were to login using this service, the privileged user password could be compromised. 
The "rsh-server" package provides several obsolete and insecure network services. Removing it decreases the risk of accidental (or intentional) activation of those services. - -@@ -21565,7 +21613,8 @@ Removing the "ypserv" package decreases the risk of the accidental (or intention - - RHEL-09-215040 - RHEL 9 must not have the telnet-server package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities are often overlooked and therefore, may remain unsecure. They increase the risk to the platform by providing additional attack vectors. - -@@ -21581,7 +21630,8 @@ Removing the "telnet-server" package decreases the risk of accidental (or intent - - RHEL-09-215045 - RHEL 9 must not have the gssproxy package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore, may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -21599,7 +21649,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 - - RHEL-09-215050 - RHEL 9 must not have the iprutils package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. 
- -@@ -21617,7 +21668,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 - - RHEL-09-215055 - RHEL 9 must not have the tuned package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -21635,7 +21687,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 - - RHEL-09-215060 - RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Removing the "tftp-server" package decreases the risk of the accidental (or intentional) activation of tftp services. - -@@ -21649,7 +21702,8 @@ If TFTP is required for operational support (such as transmission of router conf - - RHEL-09-215065 - RHEL 9 must not have the quagga package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) for Unix and Linux platforms. - -@@ -21663,7 +21717,8 @@ If there is no need to make the router software available, removing it provides - - RHEL-09-215070 - A graphical display manager must not be installed on RHEL 9 unless approved. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented. 
- -@@ -21675,7 +21730,8 @@ If there is no need to make the router software available, removing it provides - - RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. The DOD CAC with DOD-approved PKI is an example of multifactor authentication. - -@@ -21689,7 +21745,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-215080 - RHEL 9 must have the gnutls-utils package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains command line TLS client and server and certificate manipulation tools. - -@@ -21701,7 +21758,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-215085 - RHEL 9 must have the nss-tools package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Install the "nss-tools" package to install command-line tools to manipulate the NSS certificate and key database. 
- -@@ -21713,7 +21771,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-215090 - RHEL 9 must have the rng-tools package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "rng-tools" provides hardware random number generator tools, such as those used in the formation of x509/PKI certificates. - -@@ -21725,7 +21784,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-215095 - RHEL 9 must have the s-nail package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "s-nail" package provides the mail command required to allow sending email notifications of unauthorized configuration changes to designated personnel. - -@@ -21737,7 +21797,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-231010 - A separate RHEL 9 file system must be used for user home directories (such as /home or an equivalent). - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Ensuring that "/home" is mounted on its own partition enables the setting of more restrictive mount options, and also helps ensure that users cannot trivially fill partitions used for log or audit data storage. - -@@ -21749,7 +21810,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-231015 - RHEL 9 must use a separate file system for /tmp. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/tmp" partition is used as temporary storage by many programs. Placing "/tmp" in its own partition enables the setting of more restrictive mount options, which can help protect programs that use it. - -@@ -21761,7 +21823,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-231020 - RHEL 9 must use a separate file system for /var. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Ensuring that "/var" is mounted on its own partition enables the setting of more restrictive mount options. This helps protect system services such as daemons or other programs which use it. It is not uncommon for the "/var" directory to contain world-writable directories installed by other software packages. - -@@ -21773,7 +21836,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-231025 - RHEL 9 must use a separate file system for /var/log. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Placing "/var/log" in its own partition enables better separation between log files and other files in "/var/". - -@@ -21785,7 +21849,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO - - RHEL-09-231030 - RHEL 9 must use a separate file system for the system audit data path. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Placing "/var/log/audit" in its own partition enables better separation between audit files and other system files, and helps ensure that auditing cannot be halted due to the partition running out of space. - -@@ -21799,7 +21864,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000480-GPOS-00227 - - RHEL-09-231035 - RHEL 9 must use a separate file system for /var/tmp. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/var/tmp" partition is used as temporary storage by many programs. Placing "/var/tmp" in its own partition enables the setting of more restrictive mount options, which can help protect programs that use it. - -@@ -21811,7 +21877,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000480-GPOS-00227 - - RHEL-09-231040 - RHEL 9 file system automount function must be disabled unless required. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. - -@@ -21825,7 +21892,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-231045 - RHEL 9 must prevent device files from being interpreted on file systems that contain user home directories. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21839,7 +21907,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231050 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21853,7 +21922,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231055 - RHEL 9 must prevent code from being executed on file systems that contain user home directories. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. 
This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21865,7 +21935,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231060 - RHEL 9 must be configured so that the Network File System (NFS) is configured to use RPCSEC_GSS. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - When an NFS server is configured to use RPCSEC_SYS, a selected userid and groupid are used to handle requests from the remote user. The userid and groupid could mistakenly or maliciously be set incorrectly. The RPCSEC_GSS method of authentication uses certificates on the server and client systems to more securely authenticate the remote mount request. - -@@ -21877,7 +21948,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231065 - RHEL 9 must prevent special devices on file systems that are imported via Network File System (NFS). - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21889,7 +21961,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231070 - RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. 
Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21901,7 +21974,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231075 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21913,7 +21987,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231095 - RHEL 9 must mount /boot with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The only legitimate location for device files is the "/dev" directory located on the root partition. The only exception to this is chroot jails. - -@@ -21925,7 +22000,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231100 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. 
- -@@ -21939,7 +22015,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231105 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21953,7 +22030,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 - - RHEL-09-231110 - RHEL 9 must mount /dev/shm with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21967,7 +22045,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231115 - RHEL 9 must mount /dev/shm with the noexec option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21979,7 +22058,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231120 - RHEL 9 must mount /dev/shm with the nosuid option. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -21991,7 +22071,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231125 - RHEL 9 must mount /tmp with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22005,7 +22086,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231130 - RHEL 9 must mount /tmp with the noexec option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22017,7 +22099,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231135 - RHEL 9 must mount /tmp with the nosuid option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. 
This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22029,7 +22112,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231140 - RHEL 9 must mount /var with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22043,7 +22127,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231145 - RHEL 9 must mount /var/log with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22057,7 +22142,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231150 - RHEL 9 must mount /var/log with the noexec option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. 
- -@@ -22069,7 +22155,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231155 - RHEL 9 must mount /var/log with the nosuid option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22081,7 +22168,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231160 - RHEL 9 must mount /var/log/audit with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22095,7 +22183,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231165 - RHEL 9 must mount /var/log/audit with the noexec option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22107,7 +22196,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231170 - RHEL 9 must mount /var/log/audit with the nosuid option. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22119,7 +22209,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231175 - RHEL 9 must mount /var/tmp with the nodev option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22133,7 +22224,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231180 - RHEL 9 must mount /var/tmp with the noexec option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22145,7 +22237,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231185 - RHEL 9 must mount /var/tmp with the nosuid option. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. 
This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22157,7 +22250,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-231195 - RHEL 9 must disable mounting of cramfs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -22173,7 +22267,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f - - RHEL-09-231200 - RHEL 9 must prevent special devices on non-root local partitions. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. - -@@ -22187,7 +22282,8 @@ The only legitimate location for device files is the "/dev" directory located on - - RHEL-09-232010 - RHEL 9 system commands must have mode 755 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. 
- -@@ -22201,7 +22297,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232015 - RHEL 9 library directories must have mode 755 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22215,7 +22312,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232020 - RHEL 9 library files must have mode 755 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22229,7 +22327,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232025 - RHEL 9 /var/log directory must have mode 0755 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22243,7 +22342,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232030 - RHEL 9 /var/log/messages file must have mode 0640 or less permissive. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22257,7 +22357,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232035 - RHEL 9 audit tools must have a mode of 0755 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. - -@@ -22273,7 +22374,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232040 - RHEL 9 cron configuration directories must have a mode of 0700 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations. Therefore, service configuration files should have the correct access rights to prevent unauthorized changes. - -@@ -22285,7 +22387,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232045 - All RHEL 9 local initialization files must have mode 0740 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon. 
- -@@ -22297,7 +22400,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232050 - All RHEL 9 local interactive user home directories must have mode 0750 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users. - -@@ -22309,7 +22413,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232055 - RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22321,7 +22426,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232060 - RHEL 9 /etc/group- file must have mode 0644 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22333,7 +22439,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232065 - RHEL 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. 
- -@@ -22345,7 +22452,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232070 - RHEL 9 /etc/gshadow- file must have mode 0000 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. - -@@ -22357,7 +22465,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232075 - RHEL 9 /etc/passwd file must have mode 0644 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If the "/etc/passwd" file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security. - -@@ -22369,7 +22478,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232080 - RHEL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. - -@@ -22381,7 +22491,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232085 - RHEL 9 /etc/shadow- file must have mode 0000 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. 
Protection of this file is critical for system security. - -@@ -22393,7 +22504,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232090 - RHEL 9 /etc/group file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22405,7 +22517,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232095 - RHEL 9 /etc/group file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22417,7 +22530,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232100 - RHEL 9 /etc/group- file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22429,7 +22543,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232105 - RHEL 9 /etc/group- file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. - -@@ -22441,7 +22556,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232110 - RHEL 9 /etc/gshadow file must be owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. - -@@ -22453,7 +22569,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232115 - RHEL 9 /etc/gshadow file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. - -@@ -22465,7 +22582,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232120 - RHEL 9 /etc/gshadow- file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. - -@@ -22477,7 +22595,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232125 - RHEL 9 /etc/gshadow- file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. - -@@ -22489,7 +22608,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232130 - RHEL 9 /etc/passwd file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/passwd" file contains information about the users that are configured on the system. Protection of this file is critical for system security. - -@@ -22501,7 +22621,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232135 - RHEL 9 /etc/passwd file must be group-owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/passwd" file contains information about the users that are configured on the system. Protection of this file is critical for system security. - -@@ -22513,7 +22634,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232140 - RHEL 9 /etc/passwd- file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. - -@@ -22525,7 +22647,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232145 - RHEL 9 /etc/passwd- file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. - -@@ -22537,7 +22660,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232150 - RHEL 9 /etc/shadow file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow" file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information, which could weaken the system security posture. - -@@ -22549,7 +22673,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232155 - RHEL 9 /etc/shadow file must be group-owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow" file stores password hashes. Protection of this file is critical for system security. - -@@ -22561,7 +22686,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232160 - RHEL 9 /etc/shadow- file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. Protection of this file is critical for system security. - -@@ -22573,7 +22699,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232165 - RHEL 9 /etc/shadow- file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. Protection of this file is critical for system security. - -@@ -22585,7 +22712,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232170 - RHEL 9 /var/log directory must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22599,7 +22727,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232175 - RHEL 9 /var/log directory must be group-owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22613,7 +22742,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22627,7 +22757,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232185 - RHEL 9 /var/log/messages file must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -22641,7 +22772,8 @@ The structure and content of error messages must be carefully considered by the - - RHEL-09-232190 - RHEL 9 system commands must be owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22655,7 +22787,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232195 - RHEL 9 system commands must be group-owned by root or a system account. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22669,7 +22802,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232200 - RHEL 9 library files must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22683,7 +22817,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232205 - RHEL 9 library files must be group-owned by root or a system account. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22697,7 +22832,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232210 - RHEL 9 library directories must be owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22711,7 +22847,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232215 - RHEL 9 library directories must be group-owned by root or a system account. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. - -@@ -22725,7 +22862,8 @@ This requirement applies to RHEL 9 with software libraries that are accessible a - - RHEL-09-232220 - RHEL 9 audit tools must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. - -@@ -22741,7 +22879,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232225 - RHEL 9 audit tools must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data; therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. - -@@ -22757,7 +22896,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232230 - RHEL 9 cron configuration files directory must be owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files must be owned by the correct group to prevent unauthorized changes. - -@@ -22769,7 +22909,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232235 - RHEL 9 cron configuration files directory must be group-owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files should be owned by the correct group to prevent unauthorized changes. - -@@ -22781,7 +22922,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232265 - RHEL 9 /etc/crontab file must have mode 0600. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files must have the correct access rights to prevent unauthorized changes. - -@@ -22793,7 +22935,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-232270 - RHEL 9 /etc/shadow file must have mode 0000 to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "/etc/shadow" file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. 
Failure to give ownership of this file to root provides the designated owner with access to sensitive information, which could weaken the system security posture. - -@@ -22805,7 +22948,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud - - RHEL-09-251010 - RHEL 9 must have the firewalld package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols. - -@@ -22833,7 +22977,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000298-GPO - - RHEL-09-251015 - The firewalld service on RHEL 9 must be active. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols. - -@@ -22853,7 +22998,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000480-GPO - - RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. - -@@ -22867,7 +23013,8 @@ This requirement addresses the configuration of RHEL 9 to mitigate the impact of - - RHEL-09-251040 - RHEL 9 network interfaces must not be in promiscuous mode. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. 
If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems. - -@@ -22881,7 +23028,8 @@ If the system is being used to perform a network troubleshooting function, the u - - RHEL-09-251045 - RHEL 9 must enable hardening for the Berkeley Packet Filter just-in-time compiler. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - When hardened, the extended Berkeley Packet Filter (BPF) just-in-time (JIT) compiler will randomize any kernel addresses in the BPF programs and maps, and will not expose the JIT addresses in "/proc/kallsyms". - -@@ -22893,7 +23041,8 @@ If the system is being used to perform a network troubleshooting function, the u - - RHEL-09-252010 - RHEL 9 must have the chrony package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. - -@@ -22905,7 +23054,8 @@ If the system is being used to perform a network troubleshooting function, the u - - RHEL-09-252015 - RHEL 9 chronyd service must be enabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. 
- -@@ -22919,7 +23069,8 @@ Synchronizing internal information system clocks provides uniformity of time sta - - RHEL-09-252025 - RHEL 9 must disable the chrony daemon from acting as a server. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Minimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface. - -@@ -22933,7 +23084,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 - - RHEL-09-252030 - RHEL 9 must disable network management of the chrony daemon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Not exposing the management interface of the chrony daemon on the network diminishes the attack space. - -@@ -22947,7 +23099,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 - - RHEL-09-252035 - RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging. - -@@ -22959,7 +23112,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 - - RHEL-09-252040 - RHEL 9 must configure a DNS processing mode set be Network Manager. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In order to ensure that DNS resolver settings are respected, a DNS mode in Network Manager must be configured. - -@@ -22971,7 +23125,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 - - RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity. - -@@ -22983,7 +23138,8 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 - - RHEL-09-252060 - RHEL 9 must forward mail from postmaster to the root account using a postfix alias. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. - -@@ -22997,7 +23153,8 @@ Audit processing failures include software/hardware errors, failures in the audi - - RHEL-09-252065 - RHEL 9 libreswan package must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network. - -@@ -23011,7 +23168,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 - - RHEL-09-252070 - There must be no shosts.equiv files on RHEL 9. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The shosts.equiv files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. - -@@ -23023,7 +23181,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 - - RHEL-09-252075 - There must be no .shosts files on RHEL 9. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. - -@@ -23035,7 +23194,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 - - RHEL-09-253010 - RHEL 9 must be configured to use TCP syncookies. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Denial of service (DoS) is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. - -@@ -23051,7 +23211,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000420-GPOS-00186, SRG-OS-000142-GPO - - RHEL-09-253015 - RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. - -@@ -23065,7 +23226,8 @@ This feature of the IPv4 protocol has few legitimate uses. It should be disabled - - RHEL-09-253020 - RHEL 9 must not forward Internet Protocol version 4 (IPv4) source-routed packets. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Source-routed packets allow the source of the packet to suggest routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. 
This requirement applies only to the forwarding of source-routerd traffic, such as when IPv4 forwarding is enabled and the system is functioning as a router. - -@@ -23079,7 +23241,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253025 - RHEL 9 must log IPv4 packets with impossible addresses. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The presence of "martian" packets (which have impossible addresses) as well as spoofed packets, source-routed packets, and redirects could be a sign of nefarious network activity. Logging these packets enables this activity to be detected. - -@@ -23091,7 +23254,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253030 - RHEL 9 must log IPv4 packets with impossible addresses by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The presence of "martian" packets (which have impossible addresses) as well as spoofed packets, source-routed packets, and redirects could be a sign of nefarious network activity. Logging these packets enables this activity to be detected. - -@@ -23103,7 +23267,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253035 - RHEL 9 must use reverse path filtering on all IPv4 interfaces. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enabling reverse path filtering drops packets with source addresses that should not have been able to be received on the interface on which they were received. It must not be used on systems that are routers for complicated networks, but is helpful for end hosts and routers serving small networks. - -@@ -23115,7 +23280,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253040 - RHEL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. - -@@ -23129,7 +23295,8 @@ This feature of the IPv4 protocol has few legitimate uses. It must be disabled u - - RHEL-09-253045 - RHEL 9 must not forward IPv4 source-routed packets by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Source-routed packets allow the source of the packet to suggest routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. - -@@ -23143,7 +23310,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253050 - RHEL 9 must use a reverse-path filter for IPv4 network traffic when possible by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enabling reverse path filtering drops packets with source addresses that should not have been able to be received on the interface on which they were received. It must not be used on systems that are routers for complicated networks, but is helpful for end hosts and routers serving small networks. - -@@ -23155,7 +23323,8 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It - - RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Responding to broadcast (ICMP) echoes facilitates network mapping and provides a vector for amplification attacks. 
- -@@ -23169,7 +23338,8 @@ Ignoring ICMP echo requests (pings) sent to broadcast or multicast addresses mak - - RHEL-09-253060 - RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Some routers will send responses to broadcast frames that violate RFC-1122, which fills up a log file system with many useless error messages. An attacker may take advantage of this and attempt to flood the logs with bogus error logs. Ignoring bogus ICMP error responses reduces log size, although some activity would not be logged. - -@@ -23181,7 +23351,8 @@ Ignoring ICMP echo requests (pings) sent to broadcast or multicast addresses mak - - RHEL-09-253065 - RHEL 9 must not send Internet Control Message Protocol (ICMP) redirects. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table possibly revealing portions of the network topology. - -@@ -23195,7 +23366,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-253070 - RHEL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table possibly revealing portions of the network topology. - -@@ -23209,7 +23381,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-253075 - RHEL 9 must not enable IPv4 packet forwarding unless the system is a router. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this capability is used when not required, system network information may be unnecessarily transmitted across the network. - -@@ -23221,7 +23394,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254010 - RHEL 9 must not accept router advertisements on all IPv6 interfaces. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An illicit router advertisement message could result in a man-in-the-middle attack. - -@@ -23233,7 +23407,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254015 - RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An illicit ICMP redirect message could result in a man-in-the-middle attack. - -@@ -23245,7 +23420,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254020 - RHEL 9 must not forward IPv6 source-routed packets. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. - -@@ -23257,7 +23433,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - IP forwarding permits the kernel to forward packets from one network interface to another. The ability to forward packets between two networks is only appropriate for systems acting as routers. - -@@ -23269,7 +23446,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254030 - RHEL 9 must not accept router advertisements on all IPv6 interfaces by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An illicit router advertisement message could result in a man-in-the-middle attack. - -@@ -23281,7 +23459,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254035 - RHEL 9 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. - -@@ -23293,7 +23472,8 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou - - RHEL-09-254040 - RHEL 9 must not forward IPv6 source-routed packets by default. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. - -@@ -23307,7 +23487,8 @@ Accepting source-routed packets in the IPv6 protocol has few legitimate uses. 
It - - RHEL-09-255010 - All RHEL 9 networked systems must have SSH installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. - -@@ -23325,7 +23506,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO - - RHEL-09-255015 - All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. - -@@ -23343,7 +23525,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO - - RHEL-09-255020 - RHEL 9 must have the openssh-clients package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - This package includes utilities to make encrypted connections and transfer files securely to SSH servers. - -@@ -23355,7 +23538,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO - - RHEL-09-255025 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a SSH logon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution. 
- -@@ -23369,7 +23553,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088 - - RHEL-09-255030 - RHEL 9 must log SSH connection attempts and failures to the server. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SSH provides several logging levels with varying amounts of verbosity. "DEBUG" is specifically not recommended other than strictly for debugging SSH communications since it provides so much data that it is difficult to identify important security information. "INFO" or "VERBOSE" level is the basic level that only records login activity of SSH users. In many situations, such as Incident Response, it is important to determine when a particular user was active on a system. The logout record can eliminate those users who disconnected, which helps narrow the field. - -@@ -23381,7 +23566,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088 - - RHEL-09-255035 - RHEL 9 SSHD must accept public key authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. A DOD CAC with DOD-approved PKI is an example of multifactor authentication. - -@@ -23395,7 +23581,8 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPO - - RHEL-09-255040 - RHEL 9 SSHD must not allow blank passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. 
- -@@ -23409,7 +23596,8 @@ Satisfies: SRG-OS-000106-GPOS-00053, SRG-OS-000480-GPOS-00229, SRG-OS-000480-GPO - - RHEL-09-255045 - RHEL 9 must not permit direct logons to the root account using remote access via SSH. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging directly on as root. In addition, logging in with a user-specific account provides individual accountability of actions performed on the system and also helps to minimize direct attack attempts on root's password. - -@@ -23425,7 +23613,8 @@ Satisfies: SRG-OS-000109-GPOS-00056, SRG-OS-000480-GPOS-00227 - - RHEL-09-255050 - RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - When UsePAM is set to "yes", PAM runs through account and session types properly. This is important when restricted access to services based off of IP, time, or other factors of the account is needed. Additionally, this ensures users can inherit certain environment variables on login or disallow access to the server. - -@@ -23437,7 +23626,8 @@ Satisfies: SRG-OS-000109-GPOS-00056, SRG-OS-000480-GPOS-00227 - - RHEL-09-255055 - RHEL 9 SSH daemon must be configured to use system-wide crypto policies. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -23453,7 +23643,8 @@ Cryptographic mechanisms used for protecting the integrity of information includ - - RHEL-09-255060 - RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH client connections. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -23471,7 +23662,8 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio - - RHEL-09-255065 - RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH server connections. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -23489,7 +23681,8 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio - - RHEL-09-255075 - RHEL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -23507,7 +23700,8 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio - - RHEL-09-255080 - RHEL 9 must not allow a noncertificate trusted host SSH logon to the system. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. - -@@ -23519,7 +23713,8 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio - - RHEL-09-255085 - RHEL 9 must not allow users to override SSH environment variables. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SSH environment options potentially allow users to bypass access restriction in some configurations. - -@@ -23531,7 +23726,8 @@ RHEL 9 incorporates system-wide crypto policies by default. 
The SSH configuratio - - RHEL-09-255090 - RHEL 9 must force a frequent session key renegotiation for SSH connections to the server. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. - -@@ -23551,7 +23747,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000033-GPOS-00014, SRG-OS-000424-GPO - - RHEL-09-255095 - RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element. - -@@ -23569,7 +23766,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPOS-00109 - - RHEL-09-255100 - RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element. - -@@ -23587,7 +23785,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255105 - RHEL 9 SSH server configuration file must be group-owned by root. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services, which if configured incorrectly, can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes. - -@@ -23599,7 +23798,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255110 - RHEL 9 SSH server configuration file must be owned by root. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services, which if configured incorrectly, can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes. - -@@ -23611,7 +23811,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255115 - RHEL 9 SSH server configuration file must have mode 0600 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations. Therefore, service configuration files should be owned by the correct group to prevent unauthorized changes. - -@@ -23623,7 +23824,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255120 - RHEL 9 SSH private host key files must have mode 0640 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If an unauthorized user obtains the private SSH host key file, the host could be impersonated. 
- -@@ -23635,7 +23837,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255125 - RHEL 9 SSH public host key files must have mode 0644 or less permissive. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If a public host key file is modified by an unauthorized user, the SSH service may be compromised. - -@@ -23647,7 +23850,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255130 - RHEL 9 SSH daemon must not allow compression or must only allow compression after successful authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges. - -@@ -23659,7 +23863,8 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO - - RHEL-09-255135 - RHEL 9 SSH daemon must not allow GSSAPI authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Generic Security Service Application Program Interface (GSSAPI) authentication is used to provide additional authentication mechanisms to applications. Allowing GSSAPI authentication through SSH exposes the system's GSSAPI to remote hosts, increasing the attack surface of the system. - -@@ -23673,7 +23878,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255140 - RHEL 9 SSH daemon must not allow Kerberos authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Kerberos authentication for SSH is often implemented using Generic Security Service Application Program Interface (GSSAPI). If Kerberos is enabled through SSH, the SSH daemon provides a means of access to the system's Kerberos implementation. 
Vulnerabilities in the system's Kerberos implementations may be subject to exploitation. - -@@ -23687,7 +23893,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255145 - RHEL 9 SSH daemon must not allow rhosts authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. - -@@ -23699,7 +23906,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255150 - RHEL 9 SSH daemon must not allow known hosts authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Configuring the IgnoreUserKnownHosts setting for the SSH daemon provides additional assurance that remote login via SSH will require a password, even in the event of misconfiguration elsewhere. - -@@ -23711,7 +23919,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DISPLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display. - -@@ -23723,7 +23932,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255160 - RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If other users have access to modify user-specific SSH configuration files, they may be able to log into the system as another user. 
- -@@ -23735,7 +23945,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255165 - RHEL 9 SSH daemon must display the date and time of the last successful account logon upon an SSH logon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Providing users feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use. - -@@ -23747,7 +23958,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255170 - RHEL 9 SSH daemon must be configured to use privilege separation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - SSH daemon privilege separation causes the SSH process to drop root privileges when not needed, which would decrease the impact of software vulnerabilities in the nonprivileged section. - -@@ -23759,7 +23971,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-255175 - RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the "DISPLAY" environment variable to localhost. This prevents remote hosts from connecting to the proxy display. - -@@ -23771,7 +23984,8 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227 - - RHEL-09-271015 - RHEL 9 must prevent a user from overriding the banner-message-enable setting for the graphical user interface. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. - -@@ -23787,7 +24001,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088 - - RHEL-09-271020 - RHEL 9 must disable the graphical user interface automount function unless required. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity. - -@@ -23801,7 +24016,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-271025 - RHEL 9 must prevent a user from overriding the disabling of the graphical user interface automount function. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A nonprivileged account is any operating system account with authorizations of a nonprivileged user. - -@@ -23815,7 +24031,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-271035 - RHEL 9 must prevent a user from overriding the disabling of the graphical user interface autorun function. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Techniques used to address this include protocols using nonces (e.g., numbers generated for a specific one-time use) or challenges (e.g., TLS, WS_Security). Additional techniques include time-synchronous or challenge-response one-time authenticators. - -@@ -23829,7 +24046,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-271040 - RHEL 9 must not allow unattended or automatic logon via the graphical user interface. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Failure to restrict system access to authenticated users negatively impacts operating system security. - -@@ -23841,7 +24059,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-271045 - RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -23857,7 +24076,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 - - RHEL-09-271050 - RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -23873,7 +24093,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 - - RHEL-09-271055 - RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. 
- -@@ -23891,7 +24112,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 - - RHEL-09-271060 - RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock. - -@@ -23909,7 +24131,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 - - RHEL-09-271065 - RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate a session lock. - -@@ -23923,7 +24146,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271070 - RHEL 9 must prevent a user from overriding the session idle-delay setting for the graphical user interface. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings. - -@@ -23937,7 +24161,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271080 - RHEL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings. - -@@ -23949,7 +24174,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271085 - RHEL 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Setting the screensaver mode to blank-only conceals the contents of the display from passersby. 
- -@@ -23961,7 +24187,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271095 - RHEL 9 must disable the ability of a user to restart the system from the login screen. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A user who is at the console can reboot the system at the login screen. If restart or shutdown buttons are pressed at the login screen, this can create the risk of short-term loss of availability of systems due to reboot. - -@@ -23973,7 +24200,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271100 - RHEL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A user who is at the console can reboot the system at the login screen. If restart or shutdown buttons are pressed at the login screen, this can create the risk of short-term loss of availability of systems due to reboot. - -@@ -23985,7 +24213,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271110 - RHEL 9 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical user interface. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A locally logged-in user who presses Ctrl-Alt-Del, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. - -@@ -23997,7 +24226,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-271115 - RHEL 9 must disable the user list at logon for graphical user interfaces. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system. - -@@ -24009,7 +24239,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-291010 - RHEL 9 must be configured to disable USB mass storage. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. - -@@ -24023,7 +24254,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO - - RHEL-09-291015 - RHEL 9 must have the USBGuard package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The USBguard-daemon is the main component of the USBGuard software framework. It runs as a service in the background and enforces the USB device authorization policy for all USB devices. The policy is defined by a set of rules using a rule language described in the usbguard-rules.conf file. The policy and the authorization state of USB devices can be modified during runtime using the usbguard tool. - -@@ -24037,7 +24269,8 @@ The system administrator (SA) must work with the site information system securit - - RHEL-09-291020 - RHEL 9 must have the USBGuard package enabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The USBguard-daemon is the main component of the USBGuard software framework. It runs as a service in the background and enforces the USB device authorization policy for all USB devices. The policy is defined by a set of rules using a rule language described in the usbguard-rules.conf file. The policy and the authorization state of USB devices can be modified during runtime using the usbguard tool. 
- -@@ -24051,7 +24284,8 @@ The system administrator (SA) must work with the site information system securit - - RHEL-09-291025 - RHEL 9 must enable Linux audit logging for the USBGuard daemon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -24079,7 +24313,8 @@ DOD has defined the list of events for which RHEL 9 will provide an audit record - - RHEL-09-291035 - RHEL 9 Bluetooth must be disabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - This requirement applies to wireless peripheral technologies (e.g., wireless mice, keyboards, displays, etc.) used with RHEL 9 systems. Wireless peripherals (e.g., Wi-Fi/Bluetooth/IR keyboards, mice and pointing devices, and near field communications [NFC]) present a unique challenge by creating an open, unsecured port on a computer. Wireless peripherals must meet DOD requirements for wireless data transmission and be approved for use by the Authorizing Official (AO). Even though some wireless peripherals, such as mice and pointing devices, do not ordinarily carry information that need to be protected, modification of communications with these wireless peripherals may be used to compromise the RHEL 9 operating system. - -@@ -24093,7 +24328,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000300-GPOS-00118 - - RHEL-09-411010 - RHEL 9 user account passwords for new users or password changes must have a 60-day maximum password lifetime restriction in /etc/login.defs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. 
If the operating system does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the operating system passwords could be compromised. - -@@ -24107,7 +24343,8 @@ Setting the password maximum age ensures users are required to periodically chan - - RHEL-09-411015 - RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. If RHEL 9 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 9 passwords could be compromised. - -@@ -24119,7 +24356,8 @@ Setting the password maximum age ensures users are required to periodically chan - - RHEL-09-411020 - All RHEL 9 local interactive user accounts must be assigned a home directory upon creation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own. - -@@ -24131,7 +24369,8 @@ Setting the password maximum age ensures users are required to periodically chan - - RHEL-09-411030 - RHEL 9 duplicate User IDs (UIDs) must not exist for interactive users. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system. - -@@ -24145,7 +24384,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO - - RHEL-09-411035 - RHEL 9 system accounts must not have an interactive login shell. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Ensuring shells are not given to system accounts upon login makes it more difficult for attackers to make use of system accounts. - -@@ -24157,7 +24397,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO - - RHEL-09-411045 - All RHEL 9 interactive users must have a primary group that exists. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If a user is assigned the Group Identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group. - -@@ -24169,7 +24410,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO - - RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. - -@@ -24185,7 +24427,8 @@ Owners of inactive accounts will not notice if unauthorized access to their user - - RHEL-09-411060 - All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own. - -@@ -24197,7 +24440,8 @@ Owners of inactive accounts will not notice if unauthorized access to their user - - RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. - -@@ -24211,7 +24455,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, also known as brute-forcing, is reduced. Limits are imposed by locking the account. - -@@ -24225,7 +24470,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By limiting the number of failed logon attempts the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account. - -@@ -24239,7 +24485,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411090 - RHEL 9 must maintain an account lock until the locked account is released by an administrator. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - By limiting the number of failed logon attempts the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account. 
- -@@ -24253,7 +24500,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411100 - The root account must be the only account having unrestricted access to RHEL 9 system. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - An account has root authority if it has a user identifier (UID) of "0". Multiple accounts with a UID of "0" afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner. - -@@ -24265,7 +24513,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411105 - RHEL 9 must ensure account lockouts persist. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Having lockouts persist across reboots ensures that account is only unlocked by an administrator. If the lockouts did not persist across reboots, an attacker could simply reboot the system to continue brute force attacks against the accounts on the system. - -@@ -24277,7 +24526,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-411110 - RHEL 9 groups must have unique Group ID (GID). - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To ensure accountability and prevent unauthenticated access, groups must be identified uniquely to prevent potential misuse and compromise of the system. - -@@ -24289,7 +24539,8 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005 - - RHEL-09-412010 - RHEL 9 must have the tmux package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package. 
- -@@ -24303,7 +24554,8 @@ Satisfies: SRG-OS-000030-GPOS-00011, SRG-OS-000028-GPOS-00009 - - RHEL-09-412020 - RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -24317,7 +24569,8 @@ The session lock is implemented at the point where session activity can be deter - - RHEL-09-412025 - RHEL 9 must automatically lock command line user sessions after 15 minutes of inactivity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, tmux can be configured to identify when a user's session has idled and take action to initiate a session lock. - -@@ -24331,7 +24584,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012 - - RHEL-09-412030 - RHEL 9 must prevent users from disabling session control mechanisms. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The session lock is implemented at the point where session activity can be determined. Rather than be forced to wait for a period of time to expire before the user session can be locked, RHEL 9 must provide users with the ability to manually invoke a session lock so users can secure their session if it is necessary to temporarily vacate the immediate physical vicinity. 
- -@@ -24345,7 +24599,8 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000028-GPOS-00009 - - RHEL-09-412035 - RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes of inactivity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Terminating an idle interactive command shell user session within a short time period reduces the window of opportunity for unauthorized personnel to take control of it when left unattended in a virtual terminal or physical console. - -@@ -24359,7 +24614,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000029-GPOS-00010 - - RHEL-09-412040 - RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to denial-of-service (DoS) attacks. - -@@ -24373,7 +24629,8 @@ This requirement addresses concurrent sessions for information system accounts a - - RHEL-09-412045 - RHEL 9 must log username information when unsuccessful logon attempts occur. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without auditing of these events, it may be harder or impossible to identify what an attacker did after an attack. - -@@ -24385,7 +24642,8 @@ This requirement addresses concurrent sessions for information system accounts a - - RHEL-09-412050 - RHEL 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Increasing the time between a failed authentication attempt and reprompting to enter credentials helps to slow a single-threaded brute force attack. 
- -@@ -24397,7 +24655,8 @@ This requirement addresses concurrent sessions for information system accounts a - - RHEL-09-412055 - RHEL 9 must define default permissions for the bash shell. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system. - -@@ -24411,7 +24670,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-412060 - RHEL 9 must define default permissions for the c shell. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system. - -@@ -24425,7 +24685,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-412065 - RHEL 9 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access. 
- -@@ -24437,7 +24698,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-412070 - RHEL 9 must define default permissions for the system default profile. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system. - -@@ -24451,7 +24713,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-412075 - RHEL 9 must display the date and time of the last successful account logon upon logon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the number of unsuccessful attempts that were made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. - -@@ -24463,7 +24726,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-412080 - RHEL 9 must terminate idle user sessions. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. - -@@ -24475,7 +24739,8 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227 - - RHEL-09-431010 - RHEL 9 must use a Linux Security Module configured to enforce limits on system services. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. - -@@ -24491,7 +24756,8 @@ Satisfies: SRG-OS-000445-GPOS-00199, SRG-OS-000134-GPOS-00068 - - RHEL-09-431015 - RHEL 9 must enable the SELinux targeted policy. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Setting the SELinux policy to "targeted" or a more specialized policy ensures the system will confine processes that are likely to be targeted for exploitation, such as network or system services. - -@@ -24505,7 +24771,8 @@ Note: During the development or debugging of SELinux modules, it is common to te - - RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. 
- -@@ -24521,7 +24788,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 - - RHEL-09-431030 - RHEL 9 policycoreutils-python-utils package must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The policycoreutils-python-utils package is required to operate and manage an SELinux environment and its policies. It provides utilities such as semanage, audit2allow, audit2why, chcat, and sandbox. - -@@ -24533,7 +24801,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 - - RHEL-09-432010 - RHEL 9 must have the sudo package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "sudo" is a program designed to allow a system administrator to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow system users to get their work done. - -@@ -24545,7 +24814,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 - - RHEL-09-432015 - RHEL 9 must require reauthentication when using the "sudo" command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without reauthentication, users may access resources or perform tasks for which they do not have authorization. - -@@ -24561,7 +24831,8 @@ If the value is set to an integer less than "0", the user's time stamp will not - - RHEL-09-432020 - RHEL 9 must use the invoking user's password for privilege escalation when using "sudo". - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. - -@@ -24573,7 +24844,8 @@ If the value is set to an integer less than "0", the user's time stamp will not - - RHEL-09-432025 - RHEL 9 must require users to reauthenticate for privilege escalation. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without reauthentication, users may access resources or perform tasks for which they do not have authorization. - -@@ -24589,7 +24861,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO - - RHEL-09-432030 - RHEL 9 must restrict privilege elevation to authorized personnel. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system. - -@@ -24601,7 +24874,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO - - RHEL-09-432035 - RHEL 9 must restrict the use of the "su" command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "su" program allows to run commands with a substitute user and group ID. It is commonly used to run commands as the root user. Limiting access to such commands is considered a good security practice. - -@@ -24615,7 +24889,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000312-GPOS-00123 - - RHEL-09-433010 - RHEL 9 fapolicy module must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as allowlisting. - -@@ -24637,7 +24912,8 @@ Satisfies: SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154 - - RHEL-09-433015 - RHEL 9 fapolicy module must be enabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The organization must identify authorized software programs and permit execution of authorized software. 
The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as allowlisting. - -@@ -24659,7 +24935,8 @@ Satisfies: SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154 - - RHEL-09-611010 - RHEL 9 must ensure the password complexity module in the system-auth file is configured for three retries or less. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. - -@@ -24677,7 +24954,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi - - RHEL-09-611025 - RHEL 9 must not allow blank or null passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If an account has an empty password, anyone could log in and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. - -@@ -24690,7 +24968,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi - - RHEL-09-611040 - RHEL 9 must ensure the password complexity module is enabled in the password-auth file. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enabling PAM password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks. - -@@ -24704,7 +24983,8 @@ Satisfies: SRG-OS-000069-GPOS-00037, SRG-OS-000070-GPOS-00038, SRG-OS-000480-GPO - - RHEL-09-611045 - RHEL 9 must ensure the password complexity module is enabled in the system-auth file. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enabling PAM password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks. - -@@ -24716,7 +24996,8 @@ Satisfies: SRG-OS-000069-GPOS-00037, SRG-OS-000070-GPOS-00038, SRG-OS-000480-GPO - - RHEL-09-611050 - RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text. - -@@ -24732,7 +25013,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-611055 - RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text. - -@@ -24748,7 +25030,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-611060 - RHEL 9 must enforce password complexity rules for the root account. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. 
- -@@ -24764,7 +25047,8 @@ Satisfies: SRG-OS-000072-GPOS-00040, SRG-OS-000071-GPOS-00039, SRG-OS-000070-GPO - - RHEL-09-611065 - RHEL 9 must enforce password complexity by requiring that at least one lowercase character be used. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -24778,7 +25062,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611070 - RHEL 9 must enforce password complexity by requiring that at least one numeric character be used. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -24792,7 +25077,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611075 - RHEL 9 passwords for new users or password changes must have a 24 hours minimum password lifetime restriction in /etc/login.defs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, then the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. 
- -@@ -24806,7 +25092,8 @@ Setting the minimum password age protects against users cycling back to a favori - - RHEL-09-611080 - RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. - -@@ -24818,7 +25105,8 @@ Setting the minimum password age protects against users cycling back to a favori - - RHEL-09-611085 - RHEL 9 must require users to provide a password for privilege escalation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without reauthentication, users may access resources or perform tasks for which they do not have authorization. - -@@ -24834,7 +25122,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO - - RHEL-09-611090 - RHEL 9 passwords must be created with a minimum of 15 characters. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. - -@@ -24854,7 +25143,8 @@ The DOD minimum password requirement is 15 characters. - - RHEL-09-611095 - RHEL 9 passwords for new users must have a minimum of 15 characters. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. - -@@ -24870,7 +25160,8 @@ The DOD minimum password requirement is 15 characters. 
- - RHEL-09-611100 - RHEL 9 must enforce password complexity by requiring that at least one special character be used. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised. RHEL 9 utilizes "pwquality" as a mechanism to enforce password complexity. Note that to require special characters without degrading the "minlen" value, the credit value must be expressed as a negative number in "/etc/security/pwquality.conf". - -@@ -24882,7 +25173,8 @@ The DOD minimum password requirement is 15 characters. - - RHEL-09-611105 - RHEL 9 must prevent the use of dictionary words for passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If RHEL 9 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks. - -@@ -24894,7 +25186,8 @@ The DOD minimum password requirement is 15 characters. - - RHEL-09-611110 - RHEL 9 must enforce password complexity by requiring that at least one uppercase character be used. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised. Requiring a minimum number of uppercase characters makes password guessing attacks more difficult by ensuring a larger search space. - -@@ -24906,7 +25199,8 @@ The DOD minimum password requirement is 15 characters. - - RHEL-09-611115 - RHEL 9 must require the change of at least eight characters when passwords are changed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute–force attacks. - -@@ -24920,7 +25214,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611120 - RHEL 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. 
- -@@ -24934,7 +25229,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611125 - RHEL 9 must require the maximum number of repeating characters be limited to three when passwords are changed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -24948,7 +25244,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611130 - RHEL 9 must require the change of at least four character classes when passwords are changed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. - -@@ -24962,7 +25259,8 @@ Password complexity is one factor of several that determines how long it takes t - - RHEL-09-611135 - RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text. 
- -@@ -24976,7 +25274,8 @@ This setting ensures user and group account administration utilities are configu - - RHEL-09-611140 - RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text. - -@@ -24990,7 +25289,8 @@ This setting ensures user and group account administration utilities are configu - - RHEL-09-611145 - RHEL 9 must not be configured to bypass password requirements for privilege escalation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate. - -@@ -25004,7 +25304,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO - - RHEL-09-611150 - RHEL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text. - -@@ -25020,7 +25321,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-611155 - RHEL 9 must not have accounts configured with blank or null passwords. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If an account has an empty password, anyone could log in and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. - -@@ -25032,7 +25334,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-611160 - RHEL 9 must use the CAC smart card driver. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Smart card login provides two-factor authentication stronger than that provided by a username and password combination. Smart cards leverage public key infrastructure to provide and verify credentials. Configuring the smart card driver in use by the organization helps to prevent users from using unauthorized smart cards. - -@@ -25046,7 +25349,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPO - - RHEL-09-611165 - RHEL 9 must enable certificate based smart card authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. The DOD Common Access Card (CAC) with DOD-approved PKI is an example of multifactor authentication. - -@@ -25060,7 +25364,8 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000105-GPOS-00052 - - RHEL-09-611170 - RHEL 9 must implement certificate status checking for multifactor authentication. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Using an authentication device, such as a DOD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected. - -@@ -25078,7 +25383,8 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000377-GPOS-00162 - - RHEL-09-611175 - RHEL 9 must have the pcsc-lite package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The pcsc-lite package must be installed if it is to be available for multifactor authentication using smart cards. - -@@ -25090,7 +25396,8 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000377-GPOS-00162 - - RHEL-09-611180 - The pcscd service on RHEL 9 must be active. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The information system ensures that even if the information system is compromised, that compromise will not affect credentials stored on the authentication device. - -@@ -25104,7 +25411,8 @@ The daemon program for pcsc-lite and the MuscleCard framework is pcscd. It is a - - RHEL-09-611185 - RHEL 9 must have the opensc package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. - -@@ -25120,7 +25428,8 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPOS-00161 - - RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement. - -@@ -25134,7 +25443,8 @@ This requirement prevents attackers with physical access from trivially bypassin - - RHEL-09-611200 - RHEL 9 must require authentication to access single-user mode. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement. 
- -@@ -25148,7 +25458,8 @@ This requirement prevents attackers with physical access from trivially bypassin - - RHEL-09-611205 - RHEL 9 must prevent system daemons from using Kerberos for authentication. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unapproved mechanisms used for authentication to the cryptographic module are not verified; therefore, cannot be relied upon to provide confidentiality or integrity and DOD data may be compromised. - -@@ -25166,7 +25477,8 @@ FIPS 140-3 is the current standard for validating that mechanisms used to access - - RHEL-09-631020 - RHEL 9 must prohibit the use of cached authenticators after one day. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If cached authentication information is out-of-date, the validity of the authentication information may be questionable. - -@@ -25178,7 +25490,8 @@ FIPS 140-3 is the current standard for validating that mechanisms used to access - - RHEL-09-651010 - RHEL 9 must have the AIDE package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. - -@@ -25192,7 +25505,8 @@ Satisfies: SRG-OS-000363-GPOS-00150, SRG-OS-000445-GPOS-00199 - - RHEL-09-651025 - RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Protecting the integrity of the tools used for auditing purposes is a critical step toward ensuring the integrity of audit information. Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. - -@@ -25212,7 +25526,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO - - RHEL-09-652010 - RHEL 9 must have the rsyslog package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - rsyslogd is a system utility providing support for message logging. Support for both internet and Unix domain sockets enables this utility to support both local and remote logging. Couple this utility with "gnutls" (which is a secure communications library implementing the SSL, TLS, and DTLS protocols), to create a method to securely encrypt and offload auditing. - -@@ -25226,7 +25541,8 @@ Satisfies: SRG-OS-000479-GPOS-00224, SRG-OS-000051-GPOS-00024, SRG-OS-000480-GPO - - RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The rsyslog-gnutls package provides Transport Layer Security (TLS) support for the rsyslog daemon, which enables secure remote logging. - -@@ -25240,7 +25556,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 - - RHEL-09-652020 - The rsyslog service on RHEL 9 must be active. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The "rsyslog" service must be running to provide logging services, which are essential to system administration. 
- -@@ -25252,7 +25569,8 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 - - RHEL-09-652025 - RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unintentionally running a rsyslog server accepting remote messages puts the system at increased risk. Malicious rsyslog messages sent to the server could exploit vulnerabilities in the server software itself, could introduce misleading information into the system's logs, or could fill the system's storage leading to a denial of service. - -@@ -25266,7 +25584,8 @@ If the system is intended to be a log aggregation server, its use must be docume - - RHEL-09-652030 - All RHEL 9 remote access methods must be monitored. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Logging remote access methods can be used to trace the decrease in the risks associated with remote user access management. It can also be used to spot cyberattacks and ensure ongoing compliance with organizational policies surrounding the use of remote access methods. - -@@ -25278,7 +25597,8 @@ If the system is intended to be a log aggregation server, its use must be docume - - RHEL-09-652035 - RHEL 9 must be configured to offload audit records onto a different system from the system being audited via syslog. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The auditd service does not include the ability to send audit records to a centralized server for management directly. However, it can use a plug-in for audit event multiplexor (audispd) to pass audit records to the local syslog server. - -@@ -25292,7 +25612,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224 - - RHEL-09-652040 - RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Information stored in one location is vulnerable to accidental or incidental deletion or alteration. - -@@ -25316,7 +25637,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224 - - RHEL-09-652045 - RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Information stored in one location is vulnerable to accidental or incidental deletion or alteration. - -@@ -25340,7 +25662,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224 - - RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Information stored in one location is vulnerable to accidental or incidental deletion or alteration. - -@@ -25358,7 +25681,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224 - - RHEL-09-652055 - RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Information stored in one location is vulnerable to accidental or incidental deletion or alteration. - -@@ -25384,7 +25708,8 @@ Satisfies: SRG-OS-000479-GPOS-00224, SRG-OS-000480-GPOS-00227, SRG-OS-000342-GPO - - RHEL-09-653010 - RHEL 9 audit package must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. 
- -@@ -25402,7 +25727,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO - - RHEL-09-653015 - RHEL 9 audit service must be enabled. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without establishing what type of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Ensuring the "auditd" service is active ensures audit records generated by the kernel are appropriately recorded. - -@@ -25418,7 +25744,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO - - RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. - -@@ -25430,7 +25757,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO - - RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. 
- -@@ -25442,7 +25770,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO - - RHEL-09-653030 - RHEL 9 must allocate audit record storage capacity to store at least one week's worth of audit records. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - To ensure RHEL 9 systems have a sufficient storage capacity in which to write the audit logs, RHEL 9 needs to be able to allocate audit record storage capacity. - -@@ -25458,7 +25787,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653035 - RHEL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion. - -@@ -25470,7 +25800,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653040 - RHEL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion. - -@@ -25482,7 +25813,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653045 - RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If action is not taken when storage volume reaches 95 percent utilization, the auditing system may fail when the storage volume reaches capacity. 
- -@@ -25494,7 +25826,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653050 - RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If action is not taken when storage volume reaches 95 percent utilization, the auditing system may fail when the storage volume reaches capacity. - -@@ -25506,7 +25839,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. - -@@ -25518,7 +25852,8 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133 - - RHEL-09-653060 - RHEL 9 must label all offloaded audit logs before sending them to the central log server. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Enriched logging is needed to determine who, what, and when events occur on a system. Without this, determining root cause of an event will be much more difficult. - -@@ -25534,7 +25869,8 @@ Satisfies: SRG-OS-000039-GPOS-00017, SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPO - - RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The audit system should have an action setup in the event the internal event queue becomes full so that no data is lost. 
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. - -@@ -25550,7 +25886,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224 - - RHEL-09-653070 - RHEL 9 System Administrator (SA) and/or information system security officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. - -@@ -25568,7 +25905,8 @@ Satisfies: SRG-OS-000046-GPOS-00022, SRG-OS-000343-GPOS-00134 - - RHEL-09-653075 - RHEL 9 audit system must audit local events. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. - -@@ -25584,7 +25922,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000480-GPOS-00227 - - RHEL-09-653080 - RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. - -@@ -25598,7 +25937,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO - - RHEL-09-653085 - RHEL 9 audit log directory must be owned by root to prevent unauthorized read access. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. - -@@ -25612,7 +25952,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO - - RHEL-09-653090 - RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. - -@@ -25628,7 +25969,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO - - RHEL-09-653095 - RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If option "freq" is not set to a value that requires audit records being written to disk after a threshold number is reached, then audit records may be lost. - -@@ -25640,7 +25982,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO - - RHEL-09-653100 - RHEL 9 must produce audit records containing information to establish the identity of any individual or process associated with the event. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. 
- -@@ -25658,7 +26001,8 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227 - - RHEL-09-653105 - RHEL 9 must write audit records to disk. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Audit data should be synchronously written to disk to ensure log integrity. This setting assures that all audit event data is written disk. - -@@ -25670,7 +26014,8 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227 - - RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25682,7 +26027,8 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227 - - RHEL-09-653115 - RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -25694,7 +26040,8 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227 - - RHEL-09-653120 - RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25714,7 +26061,8 @@ Satisfies: SRG-OS-000254-GPOS-00095, SRG-OS-000341-GPOS-00132 - - RHEL-09-653130 - RHEL 9 audispd-plugins package must be installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - "audispd-plugins" provides plugins for the real-time interface to the audit subsystem, "audispd". These plugins can do things like relay events to remote machines or analyze events for suspicious behavior. - -@@ -25726,7 +26074,8 @@ Satisfies: SRG-OS-000254-GPOS-00095, SRG-OS-000341-GPOS-00132 - - RHEL-09-654010 - RHEL 9 must audit uses of the "execve" system call. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat. - -@@ -25740,7 +26089,8 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127 - - RHEL-09-654015 - RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25760,7 +26110,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25780,7 +26131,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654025 - RHEL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25800,7 +26152,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654030 - RHEL 9 must audit all uses of umount system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -25820,7 +26173,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO - - RHEL-09-654035 - RHEL 9 must audit all uses of the chacl command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25840,7 +26194,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654040 - RHEL 9 must audit all uses of the setfacl command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25860,7 +26215,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654045 - RHEL 9 must audit all uses of the chcon command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25880,7 +26236,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654050 - RHEL 9 must audit all uses of the semanage command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -25900,7 +26257,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25920,7 +26278,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25940,7 +26299,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654065 - RHEL 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25960,7 +26320,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654070 - RHEL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -25980,7 +26341,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654075 - RHEL 9 must audit all uses of the delete_module system call. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26000,7 +26362,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654080 - RHEL 9 must audit all uses of the init_module and finit_module system calls. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26020,7 +26383,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654085 - RHEL 9 must audit all uses of the chage command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -26040,7 +26404,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654090 - RHEL 9 must audit all uses of the chsh command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26060,7 +26425,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654095 - RHEL 9 must audit all uses of the crontab command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26080,7 +26446,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654100 - RHEL 9 must audit all uses of the gpasswd command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26100,7 +26467,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654105 - RHEL 9 must audit all uses of the kmod command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -26120,7 +26488,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26140,7 +26509,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654115 - RHEL 9 must audit all uses of the pam_timestamp_check command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26160,7 +26530,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26180,7 +26551,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654125 - RHEL 9 must audit all uses of the postdrop command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -26200,7 +26572,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654130 - RHEL 9 must audit all uses of the postqueue command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26220,7 +26593,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654135 - RHEL 9 must audit all uses of the ssh-agent command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26240,7 +26614,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654140 - RHEL 9 must audit all uses of the ssh-keysign command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26260,7 +26635,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654145 - RHEL 9 must audit all uses of the su command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -26280,7 +26656,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654150 - RHEL 9 must audit all uses of the sudo command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26300,7 +26677,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654155 - RHEL 9 must audit all uses of the sudoedit command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26320,7 +26698,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654160 - RHEL 9 must audit all uses of the unix_chkpwd command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26340,7 +26719,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. 
- -@@ -26360,7 +26740,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654170 - RHEL 9 must audit all uses of the userhelper command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26380,7 +26761,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654175 - RHEL 9 must audit all uses of the usermod command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26400,7 +26782,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654180 - RHEL 9 must audit all uses of the mount command. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26420,7 +26803,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654185 - Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Misuse of the init command may cause availability issues for the system. 
- -@@ -26432,7 +26816,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Misuse of the poweroff command may cause availability issues for the system. - -@@ -26444,7 +26829,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654195 - Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Misuse of the reboot command may cause availability issues for the system. - -@@ -26456,7 +26842,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Misuse of the shutdown command may cause availability issues for the system. - -@@ -26468,7 +26855,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654205 - Successful/unsuccessful uses of the umount system call in RHEL 9 must generate an audit record. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users. - -@@ -26482,7 +26870,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO - - RHEL-09-654210 - Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit record. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users. - -@@ -26496,7 +26885,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO - - RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The actions taken by system administrators must be audited to keep a record of what was executed on the system, as well as for accountability purposes. Editing the sudoers file may be sign of an attacker trying to establish persistent methods to a system, auditing the editing of the sudoers files mitigates this risk. - -@@ -26510,7 +26900,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The actions taken by system administrators must be audited to keep a record of what was executed on the system, as well as for accountability purposes. Editing the sudoers file may be sign of an attacker trying to establish persistent methods to a system, auditing the editing of the sudoers files mitigates this risk. - -@@ -26524,7 +26915,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications must be investigated for legitimacy. - -@@ -26538,7 +26930,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. - -@@ -26552,7 +26945,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. - -@@ -26566,7 +26960,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. 
- -@@ -26580,7 +26975,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. - -@@ -26594,7 +26990,8 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO - - RHEL-09-654250 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26608,7 +27005,8 @@ Satisfies: SRG-OS-000392-GPOS-00172, SRG-OS-000470-GPOS-00214, SRG-OS-000473-GPO - - RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26622,7 +27020,8 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO - - RHEL-09-654260 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. - -@@ -26636,7 +27035,8 @@ Satisfies: SRG-OS-000392-GPOS-00172, SRG-OS-000470-GPOS-00214, SRG-OS-000473-GPO - - RHEL-09-654265 - RHEL 9 must take appropriate action when a critical audit processing failure occurs. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. - -@@ -26652,7 +27052,8 @@ Satisfies: SRG-OS-000046-GPOS-00022, SRG-OS-000047-GPOS-00023 - - RHEL-09-654270 - RHEL 9 audit system must protect logon UIDs from unauthorized change. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - If modification of login user identifiers (UIDs) is not prevented, they can be changed by nonprivileged users and make auditing complicated or impossible. - -@@ -26666,7 +27067,8 @@ Satisfies: SRG-OS-000462-GPOS-00206, SRG-OS-000475-GPOS-00220, SRG-OS-000057-GPO - - RHEL-09-654275 - RHEL 9 audit system must protect auditing rules from unauthorized change. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. - -@@ -26684,7 +27086,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO - - RHEL-09-672582300 - RHEL 9 must enable FIPS mode. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. This includes NIST FIPS-validated cryptography for the following: Provisioning digital signatures, generating cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. - -@@ -26698,7 +27101,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO - - RHEL-09-671015 - RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - The system must use a strong hashing algorithm to store the password. - -@@ -26714,7 +27118,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-671020 - RHEL 9 IP tunnels must use FIPS 140-2/140-3 approved cryptographic algorithms. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Overriding the system crypto policy makes the behavior of the Libreswan service violate expectations, and makes system configuration more fragmented. - -@@ -26726,7 +27131,8 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 - - RHEL-09-671025 - RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. 
- -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and; therefore, cannot be relied upon to provide confidentiality or integrity, and DOD data may be compromised. - -@@ -26742,7 +27148,8 @@ FIPS 140-3 is the current standard for validating that mechanisms used to access - - RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. - -@@ -26756,7 +27163,8 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO - - RHEL-09-672020 - RHEL 9 crypto policy must not be overridden. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. - -@@ -26770,7 +27178,8 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO - - RHEL-09-672025 - RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Overriding the system crypto policy makes the behavior of Kerberos violate expectations, and makes system configuration more fragmented. 
- -@@ -26782,7 +27191,8 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO - - RHEL-09-672030 - RHEL 9 must implement DOD-approved TLS encryption in the GnuTLS package. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -26800,7 +27210,8 @@ Satisfies: SRG-OS-000250-GPOS-00093, SRG-OS-000423-GPOS-00187 - - RHEL-09-672035 - RHEL 9 must implement DOD-approved encryption in the OpenSSL package. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -26818,7 +27229,8 @@ The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/open - - RHEL-09-672040 - RHEL 9 must implement DOD-approved TLS encryption in the OpenSSL package. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. - -@@ -26836,7 +27248,8 @@ The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/open - - RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package. - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - Without cryptographic integrity protections, information can be altered by unauthorized users without detection. 
- -@@ -28886,7 +29299,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 - - - -- -+ - - - -@@ -32714,7 +33127,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 - 1 - - -- /boot/efi/EFI/redhat/grub.cfg -+ /boot/efi/EFI/almalinux/grub.cfg - - - /etc/grub2-efi.cfg -@@ -34382,7 +34795,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 - - RHEL 9 is installed - -- Red Hat Enterprise Linux 9 -+ Red Hat Enterprise Linux 9 -+AlmaLinux 9 - - - RHEL 9 is installed -diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template -index 503895c33..33e242420 100644 ---- a/shared/templates/audit_rules_dac_modification/ansible.template -+++ b/shared/templates/audit_rules_dac_modification/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template -index 5d782e0bd..11bd40b58 100644 ---- a/shared/templates/audit_rules_dac_modification/bash.template -+++ b/shared/templates/audit_rules_dac_modification/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian 
+diff --git a/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml +index d03d69ff0..006ef4f40 100644 +--- a/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml +@@ -3123,7 +3123,7 @@ SHA_CRYPT_MIN_ROUNDS 100000 + + + CCI-000213 +- Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++ Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/shared/templates/audit_rules_file_deletion_events/ansible.template b/shared/templates/audit_rules_file_deletion_events/ansible.template -index 33b29b977..cbee8fdf7 100644 ---- a/shared/templates/audit_rules_file_deletion_events/ansible.template -+++ b/shared/templates/audit_rules_file_deletion_events/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template -index b3eab4edb..da237aa3d 100644 ---- a/shared/templates/audit_rules_file_deletion_events/bash.template -+++ b/shared/templates/audit_rules_file_deletion_events/bash.template -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian + Generate an encrypted grub2 password for the grub superusers account with the following command: - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template -index 52d93ba02..18a26fc62 100644 ---- a/shared/templates/audit_rules_login_events/ansible.template -+++ b/shared/templates/audit_rules_login_events/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template -index f0b83b1bf..72506c7ee 100644 ---- a/shared/templates/audit_rules_login_events/bash.template -+++ b/shared/templates/audit_rules_login_events/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian +@@ 
-12049,8 +12049,8 @@ $ sudo systemctl restart systemd-logind + + + +- +- ++ ++ + + + +@@ -19662,11 +19662,11 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s + + + +- ++ + + + +- ++ + + + +@@ -21551,12 +21551,12 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s + 1 + + +- /boot/efi/EFI/redhat/grub.cfg ++ /boot/efi/EFI/almalinux/grub.cfg + ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$ + 1 + + +- /boot/efi/EFI/redhat/user.cfg ++ /boot/efi/EFI/almalinux/user.cfg + ^\s*GRUB2_PASSWORD=(\S+)\b + 1 + +diff --git a/shared/references/disa-stig-rhel9-v2r5-xccdf-scap.xml b/shared/references/disa-stig-rhel9-v2r5-xccdf-scap.xml +index d53f4ab46..a0566942e 100644 +--- a/shared/references/disa-stig-rhel9-v2r5-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel9-v2r5-xccdf-scap.xml +@@ -20489,6 +20489,7 @@ include "/etc/crypto-policies/back-ends/bind.config"; + RHEL-09-211010 - RHEL 9 must be a vendor-supported release. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. - # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' +@@ -20503,6 +20504,7 @@ Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise + RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented. 
+ +@@ -20515,6 +20517,7 @@ Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise + RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. -diff --git a/shared/templates/audit_rules_path_syscall/ansible.template b/shared/templates/audit_rules_path_syscall/ansible.template -index 68b43b439..9d9ce2fad 100644 ---- a/shared/templates/audit_rules_path_syscall/ansible.template -+++ b/shared/templates/audit_rules_path_syscall/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template -index 332c87def..cdcf6352c 100644 ---- a/shared/templates/audit_rules_path_syscall/bash.template -+++ b/shared/templates/audit_rules_path_syscall/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu +@@ -20529,6 +20532,7 @@ The rngd service feeds random data from hardware device to kernel random 
device. + RHEL-09-211040 - RHEL 9 systemd-journald service must be enabled. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes. + +@@ -20541,6 +20545,7 @@ The rngd service feeds random data from hardware device to kernel random device. + RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. 
- # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/shared/templates/audit_rules_privileged_commands/ansible.template b/shared/templates/audit_rules_privileged_commands/ansible.template -index 0e2a29c80..a78d71da2 100644 ---- a/shared/templates/audit_rules_privileged_commands/ansible.template -+++ b/shared/templates/audit_rules_privileged_commands/ansible.template -@@ -1,7 +1,7 @@ - {{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x=" -F perm=x" %}} - {{%- endif %}} --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh -index 181597906..f886020ab 100644 ---- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh -+++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh +@@ -20555,6 +20560,7 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 + RHEL-09-211050 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. 
In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. + +@@ -20569,6 +20575,7 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 + RHEL-09-211055 - RHEL 9 debug-shell systemd service must be disabled. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted. + +@@ -20583,6 +20590,7 @@ Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227 + RHEL-09-212010 - RHEL 9 must require a boot loader superuser password. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement. 
+ +@@ -20597,6 +20605,7 @@ Password protection on the boot loader configuration ensures users with physical + RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Using interactive or recovery boot, the console user could disable auditing, firewalls, or other services, weakening system security. + +@@ -20609,6 +20618,7 @@ Password protection on the boot loader configuration ensures users with physical + RHEL-09-212025 - RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "root" group is a highly privileged group. Furthermore, the group-owner of this file should not have any access privileges anyway. + +@@ -20621,6 +20631,7 @@ Password protection on the boot loader configuration ensures users with physical + RHEL-09-212030 - RHEL 9 /boot/grub2/grub.cfg file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The " /boot/grub2/grub.cfg" file stores sensitive system configuration. Protection of this file is critical for system security. + +@@ -20633,6 +20644,7 @@ Password protection on the boot loader configuration ensures users with physical + RHEL-09-212035 - RHEL 9 must disable virtual system calls. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + System calls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks. Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes. Virtual system calls map into user space a page that contains some variables and the implementation of some system calls. This allows the system calls to be executed in userspace to alleviate the context switching expense. 
+ +@@ -20649,6 +20661,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 + RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Poisoning writes an arbitrary value to freed pages, so any modification or reference to that page after being freed or before being initialized will be detected and prevented. This prevents many types of use-after-free vulnerabilities at little performance cost. Also prevents leak of data and detection of corrupted memory. + +@@ -20663,6 +20676,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068 + RHEL-09-212045 - RHEL 9 must clear memory when it is freed to prevent use-after-free attacks. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Some adversaries launch attacks with the intent of executing code in nonexecutable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism. + +@@ -20685,6 +20699,7 @@ Satisfies: SRG-OS-000433-GPOS-00192, SRG-OS-000134-GPOS-00068 + RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Kernel page-table isolation is a kernel feature that mitigates the Meltdown security vulnerability and hardens the kernel against attempts to bypass kernel address space layout randomization (KASLR). + +@@ -20699,6 +20714,7 @@ Satisfies: SRG-OS-000433-GPOS-00193, SRG-OS-000095-GPOS-00049 + RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -20715,6 +20731,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. + +@@ -20735,6 +20752,7 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000138-GPOS-00069 + RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. 
+ +@@ -20755,6 +20773,7 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000138-GPOS-00069 + RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. + +@@ -20771,6 +20790,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000366-GPOS-00153 + RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Exposing kernel pointers (through procfs or "seq_printf()") exposes kernel writeable structures, which may contain functions pointers. If a write vulnerability occurs in the kernel, allowing write access to any of this structure, the kernel can be compromised. This option disallows any program without the CAP_SYSLOG capability to get the addresses of kernel pointers by replacing them with "0". + +@@ -20785,6 +20805,7 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000433-GPOS-00192, SRG-OS-000480-GPO + RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigates vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat(). + +@@ -20799,6 +20820,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 + RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + By enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the user identifier (UID) of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat(). + +@@ -20813,6 +20835,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 + RHEL-09-213040 - RHEL 9 must disable the kernel.core_pattern. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems. + +@@ -20825,6 +20848,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 + RHEL-09-213045 - RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Disabling Asynchronous Transfer Mode (ATM) protects the system against exploitation of any flaws in its implementation. + +@@ -20837,6 +20861,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 + RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Disabling Controller Area Network (CAN) protects the system against exploitation of any flaws in its implementation. + +@@ -20849,6 +20874,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125 + RHEL-09-213055 - RHEL 9 must be configured to disable the FireWire kernel module. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Disabling firewire protects the system against exploitation of any flaws in its implementation. 
+ 
+@@ -20861,6 +20887,7 @@ Satisfies: SRG-OS-000312-GPOS-00123, SRG-OS-000324-GPOS-00125
+ RHEL-09-213060 - RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -20877,6 +20904,7 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
+ RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -20893,6 +20921,7 @@ The Transparent Inter Process Communication (TIPC) is a protocol that is special
+ RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they have introduced into a process' address space during an attempt at exploitation. Additionally, ASLR makes it more difficult for an attacker to know the location of existing code in order to repurpose it using return oriented programming (ROP) techniques.
+ 
+@@ -20907,6 +20936,7 @@ Satisfies: SRG-OS-000433-GPOS-00193, SRG-OS-000480-GPOS-00227
+ RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Loading and accessing the packet filters programs and maps using the bpf() system call has the potential of revealing sensitive information about the kernel state.
+ 
+@@ -20921,6 +20951,7 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227
+ RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Unrestricted usage of ptrace allows compromised binaries to run ptrace on other processes of the user. Like this, the attacker can steal sensitive information from the target processes (e.g., SSH sessions, web browser, etc.) without any additional assistance from the user (i.e., without resorting to phishing).
+ 
+@@ -20935,6 +20966,7 @@ Satisfies: SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227
+ RHEL-09-213085 - RHEL 9 must disable core dump backtraces.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers or system operators trying to debug problems.
+ 
+@@ -20949,6 +20981,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-213090 - RHEL 9 must disable storing core dumps.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers or system operators trying to debug problems. Enabling core dumps on production systems is not recommended; however, there may be overriding operational requirements to enable advanced debugging. 
Permitting temporary enablement of core dumps during such situations must be reviewed through local needs and policy.
+ 
+@@ -20961,6 +20994,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-213095 - RHEL 9 must disable core dumps for all users.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.
+ 
+@@ -20973,6 +21007,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-213100 - RHEL 9 must disable acquiring, saving, and processing core dumps.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.
+ 
+@@ -20985,6 +21020,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-213105 - RHEL 9 must disable the use of user namespaces.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ User namespaces are used primarily for Linux containers. The value "0" disallows the use of user namespaces.
+ 
+@@ -20997,6 +21033,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-213115 - The kdump service on RHEL 9 must be disabled.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition. Unless the system is used for kernel development or testing, there is little need to run the kdump service.
+ 
+@@ -21009,6 +21046,7 @@ Enabling core dumps on production systems is not recommended; however, there may
+ RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -21025,6 +21063,7 @@ Verifying the authenticity of software prior to installation validates the integ
+ RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -21041,6 +21080,7 @@ Verifying the authenticity of software prior to installation validates the integ
+ RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -21057,6 +21097,7 @@ Verifying the authenticity of software prior to installation validates the integ
+ RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by some adversaries.
+ 
+@@ -21069,6 +21110,7 @@ Verifying the authenticity of software prior to installation validates the integ
+ RHEL-09-215010 - RHEL 9 subscription-manager package must be installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The Red Hat Subscription Manager application manages software subscriptions and software repositories for installed software products on the local system. It communicates with backend servers, such as the Red Hat Customer Portal or an on-premise instance of Subscription Asset Manager, to register the local system and grant access to software resources determined by the subscription entitlement.
+ 
+@@ -21081,6 +21123,7 @@ Verifying the authenticity of software prior to installation validates the integ
+ RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
+ 
+@@ -21097,6 +21140,7 @@ Satisfies: SRG-OS-000074-GPOS-00042, SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPO
+ RHEL-09-215020 - RHEL 9 must not have the sendmail package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The sendmail software was not developed with security in mind, and its design prevents it from being effectively contained by SELinux. Postfix must be used instead.
+ 
+@@ -21111,6 +21155,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000095-GPOS-00049
+ RHEL-09-215025 - RHEL 9 must not have the nfs-utils package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ "nfs-utils" provides a daemon for the kernel NFS server and related tools. This package also contains the "showmount" program. 
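Review bot: The hunk for RHEL-09-215010 declares `AlmaLinux OS 9` applicable to the "subscription-manager package must be installed" control, but the control's own description says the package exists to register the host with the Red Hat Customer Portal or Subscription Asset Manager and obtain entitlements, which an AlmaLinux host does not use. If this listing feeds product applicability or profile selection (I cannot tell from the hunk which file it is), the control will be one that an AlmaLinux system can never meaningfully satisfy, and remediation would install a package for an entitlement service the system has no account with. I would drop the `+AlmaLinux OS 9` line from this one hunk, or keep it only with an explicit not-applicable/justification note for AlmaLinux, rather than carrying the rule over mechanically with the rest. The other hunks on this line (FTP, sendmail, nfs-utils removal) are distribution-neutral and look fine.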
"showmount" queries the mount daemon on a remote host for information about the Network File System (NFS) server on the remote host. For example, "showmount" can display the clients that are mounted on that host. + +@@ -21123,6 +21168,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000095-GPOS-00049 + RHEL-09-215030 - RHEL 9 must not have the ypserv package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session. + +@@ -21137,6 +21183,7 @@ Removing the "ypserv" package decreases the risk of the accidental (or intention + RHEL-09-215035 - RHEL 9 must not have the rsh-server package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "rsh-server" service provides unencrypted remote access service, which does not provide for the confidentiality and integrity of user passwords or the remote session and has very weak authentication. If a privileged user were to login using this service, the privileged user password could be compromised. The "rsh-server" package provides several obsolete and insecure network services. Removing it decreases the risk of accidental (or intentional) activation of those services. + +@@ -21149,6 +21196,7 @@ Removing the "ypserv" package decreases the risk of the accidental (or intention + RHEL-09-215040 - RHEL 9 must not have the telnet-server package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities are often overlooked and therefore, may remain unsecure. They increase the risk to the platform by providing additional attack vectors. 
+ +@@ -21165,6 +21213,7 @@ Removing the "telnet-server" package decreases the risk of accidental (or intent + RHEL-09-215045 - RHEL 9 must not have the gssproxy package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore, may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -21183,6 +21232,7 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 + RHEL-09-215050 - RHEL 9 must not have the iprutils package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -21201,6 +21251,7 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 + RHEL-09-215055 - RHEL 9 must not have the tuned package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -21219,6 +21270,7 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227 + RHEL-09-215060 - RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Removing the "tftp-server" package decreases the risk of the accidental (or intentional) activation of tftp services. 
+ +@@ -21233,6 +21285,7 @@ If TFTP is required for operational support (such as transmission of router conf + RHEL-09-215065 - RHEL 9 must not have the quagga package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) for Unix and Linux platforms. + +@@ -21247,6 +21300,7 @@ If there is no need to make the router software available, removing it provides + RHEL-09-215070 - A graphical display manager must not be installed on RHEL 9 unless approved. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented. + +@@ -21259,6 +21313,7 @@ If there is no need to make the router software available, removing it provides + RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. The DOD CAC with DOD-approved PKI is an example of multifactor authentication. + +@@ -21273,6 +21328,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-215080 - RHEL 9 must have the gnutls-utils package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. 
It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains command line TLS client and server and certificate manipulation tools. + +@@ -21285,6 +21341,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-215085 - RHEL 9 must have the nss-tools package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Install the "nss-tools" package to install command-line tools to manipulate the NSS certificate and key database. + +@@ -21297,6 +21354,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-215090 - RHEL 9 must have the rng-tools package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + "rng-tools" provides hardware random number generator tools, such as those used in the formation of x509/PKI certificates. + +@@ -21309,6 +21367,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-215095 - RHEL 9 must have the s-nail package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "s-nail" package provides the mail command required to allow sending email notifications of unauthorized configuration changes to designated personnel. + +@@ -21321,6 +21380,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-231010 - A separate RHEL 9 file system must be used for user home directories (such as /home or an equivalent). 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Ensuring that "/home" is mounted on its own partition enables the setting of more restrictive mount options, and also helps ensure that users cannot trivially fill partitions used for log or audit data storage. + +@@ -21333,6 +21393,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-231015 - RHEL 9 must use a separate file system for /tmp. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/tmp" partition is used as temporary storage by many programs. Placing "/tmp" in its own partition enables the setting of more restrictive mount options, which can help protect programs that use it. + +@@ -21345,6 +21406,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-231020 - RHEL 9 must use a separate file system for /var. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Ensuring that "/var" is mounted on its own partition enables the setting of more restrictive mount options. This helps protect system services such as daemons or other programs which use it. It is not uncommon for the "/var" directory to contain world-writable directories installed by other software packages. + +@@ -21357,6 +21419,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-231025 - RHEL 9 must use a separate file system for /var/log. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Placing "/var/log" in its own partition enables better separation between log files and other files in "/var/". + +@@ -21369,6 +21432,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPO + RHEL-09-231030 - RHEL 9 must use a separate file system for the system audit data path. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Placing "/var/log/audit" in its own partition enables better separation between audit files and other system files, and helps ensure that auditing cannot be halted due to the partition running out of space. + +@@ -21383,6 +21447,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000480-GPOS-00227 + RHEL-09-231035 - RHEL 9 must use a separate file system for /var/tmp. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/var/tmp" partition is used as temporary storage by many programs. Placing "/var/tmp" in its own partition enables the setting of more restrictive mount options, which can help protect programs that use it. + +@@ -21395,6 +21460,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000480-GPOS-00227 + RHEL-09-231040 - RHEL 9 file system automount function must be disabled unless required. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. + +@@ -21409,6 +21475,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO + RHEL-09-231045 - RHEL 9 must prevent device files from being interpreted on file systems that contain user home directories. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21423,6 +21490,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231050 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21437,6 +21505,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231055 - RHEL 9 must prevent code from being executed on file systems that contain user home directories. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21449,6 +21518,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231065 - RHEL 9 must prevent special devices on file systems that are imported via Network File System (NFS). + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21461,6 +21531,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231070 - RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. 
Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21473,6 +21544,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231075 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21485,6 +21557,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231095 - RHEL 9 must mount /boot with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The only legitimate location for device files is the "/dev" directory located on the root partition. The only exception to this is chroot jails. + +@@ -21497,6 +21570,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231100 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21511,6 +21585,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231105 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21525,6 +21600,7 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00227 + RHEL-09-231110 - RHEL 9 must mount /dev/shm with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21539,6 +21615,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231115 - RHEL 9 must mount /dev/shm with the noexec option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21551,6 +21628,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231120 - RHEL 9 must mount /dev/shm with the nosuid option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. 
Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21563,6 +21641,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231125 - RHEL 9 must mount /tmp with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21577,6 +21656,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231130 - RHEL 9 must mount /tmp with the noexec option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21589,6 +21669,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231135 - RHEL 9 must mount /tmp with the nosuid option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21601,6 +21682,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231140 - RHEL 9 must mount /var with the nodev option. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21615,6 +21697,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231145 - RHEL 9 must mount /var/log with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21629,6 +21712,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231150 - RHEL 9 must mount /var/log with the noexec option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21641,6 +21725,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231155 - RHEL 9 must mount /var/log with the nosuid option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. 
+ +@@ -21653,6 +21738,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231160 - RHEL 9 must mount /var/log/audit with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21667,6 +21753,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231165 - RHEL 9 must mount /var/log/audit with the noexec option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21679,6 +21766,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231170 - RHEL 9 must mount /var/log/audit with the nosuid option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21691,6 +21779,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231175 - RHEL 9 must mount /var/tmp with the nodev option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. 
Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21705,6 +21794,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231180 - RHEL 9 must mount /var/tmp with the noexec option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "noexec" mount option causes the system to not execute binary files. This option must be used for mounting any file system not containing approved binary files, as they may be incompatible. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21717,6 +21807,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231185 - RHEL 9 must mount /var/tmp with the nosuid option. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nosuid" mount option causes the system to not execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21729,6 +21820,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-231195 - RHEL 9 must disable mounting of cramfs. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. 
+ +@@ -21745,6 +21837,7 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f + RHEL-09-231200 - RHEL 9 must prevent special devices on non-root local partitions. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for nonprivileged users to attain unauthorized administrative access. + +@@ -21759,6 +21852,7 @@ The only legitimate location for device files is the "/dev" directory located on + RHEL-09-232010 - RHEL 9 system commands must have mode 755 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -21773,6 +21867,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232015 - RHEL 9 library directories must have mode 755 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -21787,6 +21882,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232020 - RHEL 9 library files must have mode 755 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. 
+ +@@ -21801,6 +21897,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232025 - RHEL 9 /var/log directory must have mode 0755 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -21815,6 +21912,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232030 - RHEL 9 /var/log/messages file must have mode 0640 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -21829,6 +21927,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232035 - RHEL 9 audit tools must have a mode of 0755 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -21845,6 +21944,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232045 - All RHEL 9 local initialization files must have mode 0740 or less permissive. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon. + +@@ -21857,6 +21957,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232050 - All RHEL 9 local interactive user home directories must have mode 0750 or less permissive. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users. + +@@ -21869,6 +21970,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232055 - RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -21881,6 +21983,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232060 - RHEL 9 /etc/group- file must have mode 0644 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -21893,6 +21996,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232065 - RHEL 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. 
+ +@@ -21905,6 +22009,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232070 - RHEL 9 /etc/gshadow- file must have mode 0000 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. + +@@ -21917,6 +22022,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232075 - RHEL 9 /etc/passwd file must have mode 0644 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If the "/etc/passwd" file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security. + +@@ -21929,6 +22035,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232080 - RHEL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. + +@@ -21941,6 +22048,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232085 - RHEL 9 /etc/shadow- file must have mode 0000 or less permissive to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. Protection of this file is critical for system security. 
+ +@@ -21953,6 +22061,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232090 - RHEL 9 /etc/group file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -21965,6 +22074,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232095 - RHEL 9 /etc/group file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -21977,6 +22087,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232100 - RHEL 9 /etc/group- file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -21989,6 +22100,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232105 - RHEL 9 /etc/group- file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/group-" file is a backup file of "/etc/group", and as such, contains information regarding groups that are configured on the system. Protection of this file is important for system security. + +@@ -22001,6 +22113,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232110 - RHEL 9 /etc/gshadow file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. 
+ +@@ -22013,6 +22126,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232115 - RHEL 9 /etc/gshadow file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security. + +@@ -22025,6 +22139,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232120 - RHEL 9 /etc/gshadow- file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. + +@@ -22037,6 +22152,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232125 - RHEL 9 /etc/gshadow- file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security. + +@@ -22049,6 +22165,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232130 - RHEL 9 /etc/passwd file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/passwd" file contains information about the users that are configured on the system. Protection of this file is critical for system security. + +@@ -22061,6 +22178,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232135 - RHEL 9 /etc/passwd file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/passwd" file contains information about the users that are configured on the system. Protection of this file is critical for system security. 
+ +@@ -22073,6 +22191,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232140 - RHEL 9 /etc/passwd- file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. + +@@ -22085,6 +22204,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232145 - RHEL 9 /etc/passwd- file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/passwd-" file is a backup file of "/etc/passwd", and as such, contains information about the users that are configured on the system. Protection of this file is critical for system security. + +@@ -22097,6 +22217,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232150 - RHEL 9 /etc/shadow file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow" file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information, which could weaken the system security posture. + +@@ -22109,6 +22230,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232155 - RHEL 9 /etc/shadow file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow" file stores password hashes. Protection of this file is critical for system security. + +@@ -22121,6 +22243,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232160 - RHEL 9 /etc/shadow- file must be owned by root. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. Protection of this file is critical for system security. + +@@ -22133,6 +22256,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232165 - RHEL 9 /etc/shadow- file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow-" file is a backup file of "/etc/shadow", and as such, contains the list of local system accounts and password hashes. Protection of this file is critical for system security. + +@@ -22145,6 +22269,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232170 - RHEL 9 /var/log directory must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -22159,6 +22284,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232175 - RHEL 9 /var/log directory must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. 
+ +@@ -22173,6 +22299,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -22187,6 +22314,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232185 - RHEL 9 /var/log/messages file must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, personally identifiable information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. + +@@ -22201,6 +22329,7 @@ The structure and content of error messages must be carefully considered by the + RHEL-09-232190 - RHEL 9 system commands must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22215,6 +22344,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232195 - RHEL 9 system commands must be group-owned by root or a system account. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22229,6 +22359,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232200 - RHEL 9 library files must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22243,6 +22374,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232205 - RHEL 9 library files must be group-owned by root or a system account. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22257,6 +22389,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232210 - RHEL 9 library directories must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22271,6 +22404,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232215 - RHEL 9 library directories must be group-owned by root or a system account. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If RHEL 9 allowed any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. + +@@ -22285,6 +22419,7 @@ This requirement applies to RHEL 9 with software libraries that are accessible a + RHEL-09-232220 - RHEL 9 audit tools must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -22301,6 +22436,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232225 - RHEL 9 audit tools must be group-owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data; therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. + +@@ -22317,6 +22453,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232230 - RHEL 9 cron configuration files directory must be owned by root. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files must be owned by the correct group to prevent unauthorized changes. + +@@ -22329,6 +22466,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232235 - RHEL 9 cron configuration files directory must be group-owned by root. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Service configuration files enable or disable features of their respective services that if configured incorrectly can lead to insecure and vulnerable configurations; therefore, service configuration files should be owned by the correct group to prevent unauthorized changes. + +@@ -22341,6 +22479,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-232270 - RHEL 9 /etc/shadow file must have mode 0000 to prevent unauthorized access. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The "/etc/shadow" file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information, which could weaken the system security posture. + +@@ -22353,6 +22492,7 @@ Audit tools include, but are not limited to, vendor-provided and open source aud + RHEL-09-251010 - RHEL 9 must have the firewalld package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols. + +@@ -22381,6 +22521,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000298-GPO + RHEL-09-251015 - The firewalld service on RHEL 9 must be active. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols. + +@@ -22401,6 +22542,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000480-GPO + RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. + +@@ -22415,6 +22557,7 @@ This requirement addresses the configuration of RHEL 9 to mitigate the impact of + RHEL-09-251040 - RHEL 9 network interfaces must not be in promiscuous mode. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems. + +@@ -22429,6 +22572,7 @@ If the system is being used to perform a network troubleshooting function, the u + RHEL-09-251045 - RHEL 9 must enable hardening for the Berkeley Packet Filter just-in-time compiler. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + When hardened, the extended Berkeley Packet Filter (BPF) just-in-time (JIT) compiler will randomize any kernel addresses in the BPF programs and maps, and will not expose the JIT addresses in "/proc/kallsyms". + +@@ -22441,6 +22585,7 @@ If the system is being used to perform a network troubleshooting function, the u + RHEL-09-252010 - RHEL 9 must have the chrony package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. + +@@ -22453,6 +22598,7 @@ If the system is being used to perform a network troubleshooting function, the u + RHEL-09-252015 - RHEL 9 chronyd service must be enabled. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. + +@@ -22467,6 +22613,7 @@ Synchronizing internal information system clocks provides uniformity of time sta + RHEL-09-252025 - RHEL 9 must disable the chrony daemon from acting as a server. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Minimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface. + +@@ -22481,6 +22628,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 + RHEL-09-252030 - RHEL 9 must disable network management of the chrony daemon. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Not exposing the management interface of the chrony daemon on the network diminishes the attack space. + +@@ -22495,6 +22643,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 + RHEL-09-252035 - RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging. + +@@ -22507,6 +22656,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 + RHEL-09-252040 - RHEL 9 must configure a DNS processing mode set be Network Manager. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In order to ensure that DNS resolver settings are respected, a DNS mode in Network Manager must be configured. 
+ +@@ -22519,6 +22669,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 + RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity. + +@@ -22531,6 +22682,7 @@ Satisfies: SRG-OS-000096-GPOS-00050, SRG-OS-000095-GPOS-00049 + RHEL-09-252060 - RHEL 9 must forward mail from postmaster to the root account using a postfix alias. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. + +@@ -22545,6 +22697,7 @@ Audit processing failures include software/hardware errors, failures in the audi + RHEL-09-252065 - RHEL 9 libreswan package must be installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network. + +@@ -22559,6 +22712,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 + RHEL-09-252070 - There must be no shosts.equiv files on RHEL 9. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The shosts.equiv files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. + +@@ -22571,6 +22725,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 + RHEL-09-252075 - There must be no .shosts files on RHEL 9. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. + +@@ -22583,6 +22738,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061 + RHEL-09-253010 - RHEL 9 must be configured to use TCP syncookies. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Denial of service (DoS) is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. + +@@ -22599,6 +22755,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000420-GPOS-00186, SRG-OS-000142-GPO + RHEL-09-253015 - RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. + +@@ -22613,6 +22770,7 @@ This feature of the IPv4 protocol has few legitimate uses. It should be disabled + RHEL-09-253020 - RHEL 9 must not forward Internet Protocol version 4 (IPv4) source-routed packets. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Source-routed packets allow the source of the packet to suggest routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routerd traffic, such as when IPv4 forwarding is enabled and the system is functioning as a router. 
+ +@@ -22627,6 +22785,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It + RHEL-09-253025 - RHEL 9 must log IPv4 packets with impossible addresses. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The presence of "martian" packets (which have impossible addresses) as well as spoofed packets, source-routed packets, and redirects could be a sign of nefarious network activity. Logging these packets enables this activity to be detected. + +@@ -22639,6 +22798,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It + RHEL-09-253030 - RHEL 9 must log IPv4 packets with impossible addresses by default. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The presence of "martian" packets (which have impossible addresses) as well as spoofed packets, source-routed packets, and redirects could be a sign of nefarious network activity. Logging these packets enables this activity to be detected. + +@@ -22651,6 +22811,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It + RHEL-09-253035 - RHEL 9 must use reverse path filtering on all IPv4 interfaces. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Enabling reverse path filtering drops packets with source addresses that should not have been able to be received on the interface on which they were received. It must not be used on systems that are routers for complicated networks, but is helpful for end hosts and routers serving small networks. + +@@ -22663,6 +22824,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It + RHEL-09-253040 - RHEL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. 
An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -22677,6 +22839,7 @@ This feature of the IPv4 protocol has few legitimate uses. It must be disabled u
+ RHEL-09-253045 - RHEL 9 must not forward IPv4 source-routed packets by default.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Source-routed packets allow the source of the packet to suggest routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures.
+ 
+@@ -22691,6 +22854,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It
+ RHEL-09-253050 - RHEL 9 must use a reverse-path filter for IPv4 network traffic when possible by default.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Enabling reverse path filtering drops packets with source addresses that should not have been able to be received on the interface on which they were received. It must not be used on systems that are routers for complicated networks, but is helpful for end hosts and routers serving small networks.
+ 
+@@ -22703,6 +22867,7 @@ Accepting source-routed packets in the IPv4 protocol has few legitimate uses. It
+ RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Responding to broadcast (ICMP) echoes facilitates network mapping and provides a vector for amplification attacks.
+ 
+@@ -22717,6 +22882,7 @@ Ignoring ICMP echo requests (pings) sent to broadcast or multicast addresses mak
+ RHEL-09-253060 - RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Some routers will send responses to broadcast frames that violate RFC-1122, which fills up a log file system with many useless error messages. An attacker may take advantage of this and attempt to flood the logs with bogus error logs. Ignoring bogus ICMP error responses reduces log size, although some activity would not be logged.
+ 
+@@ -22729,6 +22895,7 @@ Ignoring ICMP echo requests (pings) sent to broadcast or multicast addresses mak
+ RHEL-09-253065 - RHEL 9 must not send Internet Control Message Protocol (ICMP) redirects.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table possibly revealing portions of the network topology.
+ 
+@@ -22743,6 +22910,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-253070 - RHEL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table possibly revealing portions of the network topology.
+ 
+@@ -22757,6 +22925,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-253075 - RHEL 9 must not enable IPv4 packet forwarding unless the system is a router.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this capability is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -22769,6 +22938,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254010 - RHEL 9 must not accept router advertisements on all IPv6 interfaces.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ An illicit router advertisement message could result in a man-in-the-middle attack.
+ 
+@@ -22781,6 +22951,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254015 - RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -22793,6 +22964,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254020 - RHEL 9 must not forward IPv6 source-routed packets.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -22805,6 +22977,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ IP forwarding permits the kernel to forward packets from one network interface to another. The ability to forward packets between two networks is only appropriate for systems acting as routers.
+ 
+@@ -22817,6 +22990,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254030 - RHEL 9 must not accept router advertisements on all IPv6 interfaces by default.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ An illicit router advertisement message could result in a man-in-the-middle attack.
+ 
+@@ -22829,6 +23003,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254035 - RHEL 9 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -22841,6 +23016,7 @@ The ability to send ICMP redirects is only appropriate for systems acting as rou
+ RHEL-09-254040 - RHEL 9 must not forward IPv6 source-routed packets by default.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -22855,6 +23031,7 @@ Accepting source-routed packets in the IPv6 protocol has few legitimate uses. It
+ RHEL-09-255010 - All RHEL 9 networked systems must have SSH installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered.
+ 
+@@ -22873,6 +23050,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+ RHEL-09-255015 - All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered.
+ 
+@@ -22891,6 +23069,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+ RHEL-09-255020 - RHEL 9 must have the openssh-clients package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ This package includes utilities to make encrypted connections and transfer files securely to SSH servers.
+ 
+@@ -22903,6 +23082,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+ RHEL-09-255025 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a SSH logon.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution.
+ 
+@@ -22917,6 +23097,7 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+ RHEL-09-255030 - RHEL 9 must log SSH connection attempts and failures to the server.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ SSH provides several logging levels with varying amounts of verbosity. "DEBUG" is specifically not recommended other than strictly for debugging SSH communications since it provides so much data that it is difficult to identify important security information. "INFO" or "VERBOSE" level is the basic level that only records login activity of SSH users. In many situations, such as Incident Response, it is important to determine when a particular user was active on a system. The logout record can eliminate those users who disconnected, which helps narrow the field.
+ 
+@@ -22929,6 +23110,7 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+ RHEL-09-255035 - RHEL 9 SSHD must accept public key authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. A DOD CAC with DOD-approved PKI is an example of multifactor authentication.
+ 
+@@ -22943,6 +23125,7 @@ Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPO
+ RHEL-09-255040 - RHEL 9 SSHD must not allow blank passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+ 
+@@ -22957,6 +23140,7 @@ Satisfies: SRG-OS-000106-GPOS-00053, SRG-OS-000480-GPOS-00229, SRG-OS-000480-GPO
+ RHEL-09-255045 - RHEL 9 must not permit direct logons to the root account using remote access via SSH.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging directly on as root. In addition, logging in with a user-specific account provides individual accountability of actions performed on the system and also helps to minimize direct attack attempts on root's password.
+ 
+@@ -22973,6 +23157,7 @@ Satisfies: SRG-OS-000109-GPOS-00056, SRG-OS-000480-GPOS-00227
+ RHEL-09-255050 - RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ When UsePAM is set to "yes", PAM runs through account and session types properly. This is important when restricted access to services based off of IP, time, or other factors of the account is needed. Additionally, this ensures users can inherit certain environment variables on login or disallow access to the server.
+ 
+@@ -22985,6 +23170,7 @@ Satisfies: SRG-OS-000109-GPOS-00056, SRG-OS-000480-GPOS-00227
+ RHEL-09-255065 - RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH server connections.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
+ 
+@@ -23003,6 +23189,7 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio
+ RHEL-09-255075 - RHEL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
+ 
+@@ -23021,6 +23208,7 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio
+ RHEL-09-255080 - RHEL 9 must not allow a noncertificate trusted host SSH logon to the system.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts.
+ 
+@@ -23033,6 +23221,7 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio
+ RHEL-09-255085 - RHEL 9 must not allow users to override SSH environment variables.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ SSH environment options potentially allow users to bypass access restriction in some configurations.
+ 
+@@ -23045,6 +23234,7 @@ RHEL 9 incorporates system-wide crypto policies by default. The SSH configuratio
+ RHEL-09-255090 - RHEL 9 must force a frequent session key renegotiation for SSH connections to the server.
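Review bot: Listing AlmaLinux OS 9 as an applicable platform under RHEL-09-255075 ("MACs employing FIPS 140-3 validated cryptographic hash algorithms") and RHEL-09-255065 ("DOD-approved encryption ciphers") carries over a validation claim that is specific to the vendor's cryptographic modules, and nothing in the hunk qualifies it. A FIPS 140-3 certificate covers particular module builds, so the AlmaLinux 9 OpenSSL/OpenSSH/kernel modules need their own certificate (or an explicit "validation pending" caveat) before the platform is presented as satisfying these items, and the `RHEL 9 incorporates system-wide crypto policies by default` context line this hunk hangs off is likewise RHEL-specific text that lives outside the hunk. I would add a sentence to the AlmaLinux 9 product or profile description noting that the RHEL-09-* mapping is derived, not DISA-published, and that the FIPS 140-3 status must be confirmed against AlmaLinux's own certificates rather than Red Hat's. The rest of the applicability additions in this span are consistent with that caveat and need no change.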
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered.
+ 
+@@ -23065,6 +23255,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000033-GPOS-00014, SRG-OS-000424-GPO
+ RHEL-09-255095 - RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
+ 
+@@ -23083,6 +23274,7 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPOS-00109
+ RHEL-09-255100 - RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
+ 
+@@ -23101,6 +23293,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255105 - RHEL 9 SSH server configuration file must be group-owned by root.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Service configuration files enable or disable features of their respective services, which if configured incorrectly, can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.
+ 
+@@ -23113,6 +23306,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255110 - RHEL 9 SSH server configuration file must be owned by root.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Service configuration files enable or disable features of their respective services, which if configured incorrectly, can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.
+ 
+@@ -23125,6 +23319,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255120 - RHEL 9 SSH private host key files must have mode 0640 or less permissive.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
+ 
+@@ -23137,6 +23332,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255125 - RHEL 9 SSH public host key files must have mode 0644 or less permissive.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
+ 
+@@ -23149,6 +23345,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255130 - RHEL 9 SSH daemon must not allow compression or must only allow compression after successful authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.
+ 
+@@ -23161,6 +23358,7 @@ Satisfies: SRG-OS-000126-GPOS-00066, SRG-OS-000163-GPOS-00072, SRG-OS-000279-GPO
+ RHEL-09-255135 - RHEL 9 SSH daemon must not allow GSSAPI authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Generic Security Service Application Program Interface (GSSAPI) authentication is used to provide additional authentication mechanisms to applications. Allowing GSSAPI authentication through SSH exposes the system's GSSAPI to remote hosts, increasing the attack surface of the system.
+ 
+@@ -23175,6 +23373,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255140 - RHEL 9 SSH daemon must not allow Kerberos authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Kerberos authentication for SSH is often implemented using Generic Security Service Application Program Interface (GSSAPI). If Kerberos is enabled through SSH, the SSH daemon provides a means of access to the system's Kerberos implementation. Vulnerabilities in the system's Kerberos implementations may be subject to exploitation.
+ 
+@@ -23189,6 +23388,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255145 - RHEL 9 SSH daemon must not allow rhosts authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts.
+ 
+@@ -23201,6 +23401,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255150 - RHEL 9 SSH daemon must not allow known hosts authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Configuring the IgnoreUserKnownHosts setting for the SSH daemon provides additional assurance that remote login via SSH will require a password, even in the event of misconfiguration elsewhere.
+ 
+@@ -23213,6 +23414,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DISPLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display.
+ 
+@@ -23225,6 +23427,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255160 - RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If other users have access to modify user-specific SSH configuration files, they may be able to log into the system as another user.
+ 
+@@ -23237,6 +23440,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255165 - RHEL 9 SSH daemon must display the date and time of the last successful account logon upon an SSH logon.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Providing users feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
+ 
+@@ -23249,6 +23453,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-255175 - RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the "DISPLAY" environment variable to localhost. This prevents remote hosts from connecting to the proxy display.
+ 
+@@ -23261,6 +23466,7 @@ Satisfies: SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227
+ RHEL-09-271010 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+ 
+@@ -23277,6 +23483,7 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+ RHEL-09-271015 - RHEL 9 must prevent a user from overriding the banner-message-enable setting for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+ 
+@@ -23293,6 +23500,7 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+ RHEL-09-271020 - RHEL 9 must disable the graphical user interface automount function unless required.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.
+ 
+@@ -23307,6 +23515,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO
+ RHEL-09-271025 - RHEL 9 must prevent a user from overriding the disabling of the graphical user interface automount function.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A nonprivileged account is any operating system account with authorizations of a nonprivileged user.
+ 
+@@ -23321,6 +23530,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO
+ RHEL-09-271035 - RHEL 9 must prevent a user from overriding the disabling of the graphical user interface autorun function.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Techniques used to address this include protocols using nonces (e.g., numbers generated for a specific one-time use) or challenges (e.g., TLS, WS_Security). Additional techniques include time-synchronous or challenge-response one-time authenticators.
+ 
+@@ -23335,6 +23545,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO
+ RHEL-09-271040 - RHEL 9 must not allow unattended or automatic logon via the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Failure to restrict system access to authenticated users negatively impacts operating system security.
+ 
+@@ -23347,6 +23558,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO
+ RHEL-09-271045 - RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -23363,6 +23575,7 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+ RHEL-09-271050 - RHEL 9 must prevent a user from overriding the disabling of the graphical user smart card removal action.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -23379,6 +23592,7 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+ RHEL-09-271060 - RHEL 9 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
+ 
+@@ -23397,6 +23611,7 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+ RHEL-09-271065 - RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate a session lock.
+ 
+@@ -23411,6 +23626,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271070 - RHEL 9 must prevent a user from overriding the session idle-delay setting for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings.
+ 
+@@ -23425,6 +23641,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271080 - RHEL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, the GNOME desktop can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings.
+ 
+@@ -23437,6 +23654,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271085 - RHEL 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Setting the screensaver mode to blank-only conceals the contents of the display from passersby.
+ 
+@@ -23449,6 +23667,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271095 - RHEL 9 must disable the ability of a user to restart the system from the login screen.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A user who is at the console can reboot the system at the login screen. If restart or shutdown buttons are pressed at the login screen, this can create the risk of short-term loss of availability of systems due to reboot.
+ 
+@@ -23461,6 +23680,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271100 - RHEL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A user who is at the console can reboot the system at the login screen. If restart or shutdown buttons are pressed at the login screen, this can create the risk of short-term loss of availability of systems due to reboot.
+ 
+@@ -23473,6 +23693,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271110 - RHEL 9 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical user interface.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ A locally logged-in user who presses Ctrl-Alt-Del, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot.
+ 
+@@ -23485,6 +23706,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-271115 - RHEL 9 must disable the user list at logon for graphical user interfaces.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.
+ 
+@@ -23497,6 +23719,7 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012
+ RHEL-09-291010 - RHEL 9 must be configured to disable USB mass storage.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
+ 
+@@ -23511,6 +23734,7 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPO
+ RHEL-09-291015 - RHEL 9 must have the USBGuard package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The USBguard-daemon is the main component of the USBGuard software framework. It runs as a service in the background and enforces the USB device authorization policy for all USB devices. The policy is defined by a set of rules using a rule language described in the usbguard-rules.conf file. The policy and the authorization state of USB devices can be modified during runtime using the usbguard tool.
+ 
+@@ -23525,6 +23749,7 @@ The system administrator (SA) must work with the site information system securit
+ RHEL-09-291020 - RHEL 9 must have the USBGuard package enabled.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The USBguard-daemon is the main component of the USBGuard software framework. It runs as a service in the background and enforces the USB device authorization policy for all USB devices. The policy is defined by a set of rules using a rule language described in the usbguard-rules.conf file. The policy and the authorization state of USB devices can be modified during runtime using the usbguard tool.
+ 
+@@ -23539,6 +23764,7 @@ The system administrator (SA) must work with the site information system securit
+ RHEL-09-291025 - RHEL 9 must enable Linux audit logging for the USBGuard daemon.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -23567,6 +23793,7 @@ DOD has defined the list of events for which RHEL 9 will provide an audit record
+ RHEL-09-291035 - RHEL 9 Bluetooth must be disabled.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ This requirement applies to wireless peripheral technologies (e.g., wireless mice, keyboards, displays, etc.) used with RHEL 9 systems. Wireless peripherals (e.g., Wi-Fi/Bluetooth/IR keyboards, mice and pointing devices, and near field communications [NFC]) present a unique challenge by creating an open, unsecured port on a computer. Wireless peripherals must meet DOD requirements for wireless data transmission and be approved for use by the Authorizing Official (AO). Even though some wireless peripherals, such as mice and pointing devices, do not ordinarily carry information that need to be protected, modification of communications with these wireless peripherals may be used to compromise the RHEL 9 operating system.
+ 
+@@ -23581,6 +23808,7 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000300-GPOS-00118
+ RHEL-09-411010 - RHEL 9 user account passwords for new users or password changes must have a 60-day maximum password lifetime restriction in /etc/login.defs.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. If the operating system does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the operating system passwords could be compromised.
+ 
+@@ -23595,6 +23823,7 @@ Setting the password maximum age ensures users are required to periodically chan
+ RHEL-09-411015 - RHEL 9 user account passwords must have a 60-day maximum password lifetime restriction.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Any password, no matter how complex, can eventually be cracked; therefore, passwords need to be changed periodically. If RHEL 9 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 9 passwords could be compromised.
+ 
+@@ -23607,6 +23836,7 @@ Setting the password maximum age ensures users are required to periodically chan
+ RHEL-09-411020 - All RHEL 9 local interactive user accounts must be assigned a home directory upon creation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+ 
+@@ -23619,6 +23849,7 @@ Setting the password maximum age ensures users are required to periodically chan
+ RHEL-09-411030 - RHEL 9 duplicate User IDs (UIDs) must not exist for interactive users.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system.
+ 
+@@ -23633,6 +23864,7 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
+ RHEL-09-411035 - RHEL 9 system accounts must not have an interactive login shell.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Ensuring shells are not given to system accounts upon login makes it more difficult for attackers to make use of system accounts.
+ 
+@@ -23645,6 +23877,7 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
+ RHEL-09-411045 - All RHEL 9 interactive users must have a primary group that exists.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If a user is assigned the Group Identifier (GID) of a group that does not exist on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.
+ 
+@@ -23657,6 +23890,7 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
+ RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system.
+ 
+@@ -23673,6 +23907,7 @@ Owners of inactive accounts will not notice if unauthorized access to their user
+ RHEL-09-411060 - All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+ 
+@@ -23685,6 +23920,7 @@ Owners of inactive accounts will not notice if unauthorized access to their user
+ RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -23699,6 +23935,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, also known as brute-forcing, is reduced. Limits are imposed by locking the account.
+ 
+@@ -23713,6 +23950,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ By limiting the number of failed logon attempts the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
+ 
+@@ -23727,6 +23965,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411090 - RHEL 9 must maintain an account lock until the locked account is released by an administrator.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ By limiting the number of failed logon attempts the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.
+ 
+@@ -23741,6 +23980,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411100 - The root account must be the only account having unrestricted access to RHEL 9 system.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ An account has root authority if it has a user identifier (UID) of "0". Multiple accounts with a UID of "0" afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner.
+ 
+@@ -23753,6 +23993,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411105 - RHEL 9 must ensure account lockouts persist.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Having lockouts persist across reboots ensures that account is only unlocked by an administrator. If the lockouts did not persist across reboots, an attacker could simply reboot the system to continue brute force attacks against the accounts on the system.
+ 
+@@ -23765,6 +24006,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-411110 - RHEL 9 groups must have unique Group ID (GID).
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ To ensure accountability and prevent unauthenticated access, groups must be identified uniquely to prevent potential misuse and compromise of the system.
+ 
+@@ -23777,6 +24019,7 @@ Satisfies: SRG-OS-000329-GPOS-00128, SRG-OS-000021-GPOS-00005
+ RHEL-09-412035 - RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes of inactivity.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Terminating an idle interactive command shell user session within a short time period reduces the window of opportunity for unauthorized personnel to take control of it when left unattended in a virtual terminal or physical console.
+ 
+@@ -23791,6 +24034,7 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000029-GPOS-00010
+ RHEL-09-412040 - RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to denial-of-service (DoS) attacks.
+ 
+@@ -23805,6 +24049,7 @@ This requirement addresses concurrent sessions for information system accounts a
+ RHEL-09-412045 - RHEL 9 must log username information when unsuccessful logon attempts occur.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without auditing of these events, it may be harder or impossible to identify what an attacker did after an attack.
+ 
+@@ -23817,6 +24062,7 @@ This requirement addresses concurrent sessions for information system accounts a
+ RHEL-09-412050 - RHEL 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Increasing the time between a failed authentication attempt and reprompting to enter credentials helps to slow a single-threaded brute force attack.
+ 
+@@ -23829,6 +24075,7 @@ This requirement addresses concurrent sessions for information system accounts a
+ RHEL-09-412055 - RHEL 9 must define default permissions for the bash shell.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system.
+ 
+@@ -23843,6 +24090,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-412060 - RHEL 9 must define default permissions for the c shell.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system.
+ 
+@@ -23857,6 +24105,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-412065 - RHEL 9 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
+ 
+@@ -23869,6 +24118,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-412070 - RHEL 9 must define default permissions for the system default profile.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The umask controls the default access mode assigned to newly created files. A umask of 077 limits new files to mode 600 or less permissive. Although umask can be represented as a four-digit number, the first digit representing special access modes is typically ignored or required to be "0". This requirement applies to the globally configured system defaults and the local interactive user defaults for each account on the system.
+ 
+@@ -23883,6 +24133,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-412075 - RHEL 9 must display the date and time of the last successful account logon upon logon.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the number of unsuccessful attempts that were made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.
+ 
+@@ -23895,6 +24146,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-412080 - RHEL 9 must terminate idle user sessions.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.
+ 
+@@ -23907,6 +24159,7 @@ Satisfies: SRG-OS-000480-GPOS-00228, SRG-OS-000480-GPOS-00227
+ RHEL-09-431010 - RHEL 9 must use a Linux Security Module configured to enforce limits on system services.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed.
Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -23923,6 +24176,7 @@ Satisfies: SRG-OS-000445-GPOS-00199, SRG-OS-000134-GPOS-00068
+ RHEL-09-431015 - RHEL 9 must enable the SELinux targeted policy.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Setting the SELinux policy to "targeted" or a more specialized policy ensures the system will confine processes that are likely to be targeted for exploitation, such as network or system services.
+ 
+@@ -23937,6 +24191,7 @@ Note: During the development or debugging of SELinux modules, it is common to te
+ RHEL-09-431025 - RHEL 9 must have policycoreutils package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -23953,6 +24208,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068
+ RHEL-09-431030 - RHEL 9 policycoreutils-python-utils package must be installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The policycoreutils-python-utils package is required to operate and manage an SELinux environment and its policies. It provides utilities such as semanage, audit2allow, audit2why, chcat, and sandbox.
+ 
+@@ -23965,6 +24221,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068
+ RHEL-09-432010 - RHEL 9 must have the sudo package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ "sudo" is a program designed to allow a system administrator to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow system users to get their work done.
+ 
+@@ -23977,6 +24234,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000134-GPOS-00068
+ RHEL-09-432015 - RHEL 9 must require reauthentication when using the "sudo" command.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -23993,6 +24251,7 @@ If the value is set to an integer less than "0", the user's time stamp will not
+ RHEL-09-432020 - RHEL 9 must use the invoking user's password for privilege escalation when using "sudo".
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
+ 
+@@ -24005,6 +24264,7 @@ If the value is set to an integer less than "0", the user's time stamp will not
+ RHEL-09-432025 - RHEL 9 must require users to reauthenticate for privilege escalation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -24021,6 +24281,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+ RHEL-09-432030 - RHEL 9 must restrict privilege elevation to authorized personnel.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
+ 
+@@ -24033,6 +24294,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+ RHEL-09-432035 - RHEL 9 must restrict the use of the "su" command.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The "su" program allows to run commands with a substitute user and group ID. It is commonly used to run commands as the root user. Limiting access to such commands is considered a good security practice.
+ 
+@@ -24047,6 +24309,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000312-GPOS-00123
+ RHEL-09-433010 - RHEL 9 fapolicy module must be installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as allowlisting.
+ 
+@@ -24069,6 +24332,7 @@ Satisfies: SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154
+ RHEL-09-433015 - RHEL 9 fapolicy module must be enabled.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as allowlisting.
+ 
+@@ -24091,6 +24355,7 @@ Satisfies: SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154
+ RHEL-09-611010 - RHEL 9 must ensure the password complexity module in the system-auth file is configured for three retries or less.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
+ 
+@@ -24109,6 +24374,7 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+ RHEL-09-611025 - RHEL 9 must not allow blank or null passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If an account has an empty password, anyone could log in and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+ 
+@@ -24122,6 +24388,7 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+ RHEL-09-611040 - RHEL 9 must ensure the password complexity module is enabled in the password-auth file.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Enabling PAM password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks.
+ 
+@@ -24136,6 +24403,7 @@ Satisfies: SRG-OS-000069-GPOS-00037, SRG-OS-000070-GPOS-00038, SRG-OS-000480-GPO
+ RHEL-09-611045 - RHEL 9 must ensure the password complexity module is enabled in the system-auth file.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Enabling PAM password complexity permits enforcement of strong passwords and consequently makes the system less prone to dictionary attacks.
+ 
+@@ -24148,6 +24416,7 @@ Satisfies: SRG-OS-000069-GPOS-00037, SRG-OS-000070-GPOS-00038, SRG-OS-000480-GPO
+ RHEL-09-611050 - RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text.
+ 
+@@ -24164,6 +24433,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061
+ RHEL-09-611055 - RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text.
+ 
+@@ -24180,6 +24450,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061
+ RHEL-09-611060 - RHEL 9 must enforce password complexity rules for the root account.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24196,6 +24467,7 @@ Satisfies: SRG-OS-000072-GPOS-00040, SRG-OS-000071-GPOS-00039, SRG-OS-000070-GPO
+ RHEL-09-611065 - RHEL 9 must enforce password complexity by requiring that at least one lowercase character be used.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24210,6 +24482,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611070 - RHEL 9 must enforce password complexity by requiring that at least one numeric character be used.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24224,6 +24497,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611075 - RHEL 9 passwords for new users or password changes must have a 24 hours minimum password lifetime restriction in /etc/login.defs.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, then the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+ 
+@@ -24238,6 +24512,7 @@ Setting the minimum password age protects against users cycling back to a favori
+ RHEL-09-611080 - RHEL 9 passwords must have a 24 hours minimum password lifetime restriction in /etc/shadow.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+ 
+@@ -24250,6 +24525,7 @@ Setting the minimum password age protects against users cycling back to a favori
+ RHEL-09-611085 - RHEL 9 must require users to provide a password for privilege escalation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -24266,6 +24542,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+ RHEL-09-611090 - RHEL 9 passwords must be created with a minimum of 15 characters.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+ 
+@@ -24286,6 +24563,7 @@ The DOD minimum password requirement is 15 characters.
+ RHEL-09-611100 - RHEL 9 must enforce password complexity by requiring that at least one special character be used.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised. RHEL 9 utilizes "pwquality" as a mechanism to enforce password complexity. Note that to require special characters without degrading the "minlen" value, the credit value must be expressed as a negative number in "/etc/security/pwquality.conf".
+ 
+@@ -24298,6 +24576,7 @@ The DOD minimum password requirement is 15 characters.
+ RHEL-09-611105 - RHEL 9 must prevent the use of dictionary words for passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If RHEL 9 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
+ 
+@@ -24310,6 +24589,7 @@ The DOD minimum password requirement is 15 characters.
+ RHEL-09-611110 - RHEL 9 must enforce password complexity by requiring that at least one uppercase character be used.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one factor of several that determines how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised. Requiring a minimum number of uppercase characters makes password guessing attacks more difficult by ensuring a larger search space.
+ 
+@@ -24322,6 +24602,7 @@ The DOD minimum password requirement is 15 characters.
+ RHEL-09-611115 - RHEL 9 must require the change of at least eight characters when passwords are changed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute–force attacks.
+ 
+@@ -24336,6 +24617,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611120 - RHEL 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24350,6 +24632,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611125 - RHEL 9 must require the maximum number of repeating characters be limited to three when passwords are changed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24364,6 +24647,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611130 - RHEL 9 must require the change of at least four character classes when passwords are changed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+ 
+@@ -24378,6 +24662,7 @@ Password complexity is one factor of several that determines how long it takes t
+ RHEL-09-611135 - RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text.
+ 
+@@ -24392,6 +24677,7 @@ This setting ensures user and group account administration utilities are configu
+ RHEL-09-611140 - RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Passwords that are encrypted with a weak algorithm are no more protected than if they are kept in plain text.
+ 
+@@ -24406,6 +24692,7 @@ This setting ensures user and group account administration utilities are configu
+ RHEL-09-611145 - RHEL 9 must not be configured to bypass password requirements for privilege escalation.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate.
+ 
+@@ -24420,6 +24707,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+ RHEL-09-611155 - RHEL 9 must not have accounts configured with blank or null passwords.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ If an account has an empty password, anyone could log in and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+ 
+@@ -24432,6 +24720,7 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+ RHEL-09-611160 - RHEL 9 must use the CAC smart card driver.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Smart card login provides two-factor authentication stronger than that provided by a username and password combination. Smart cards leverage public key infrastructure to provide and verify credentials. Configuring the smart card driver in use by the organization helps to prevent users from using unauthorized smart cards.
+ 
+@@ -24446,6 +24735,7 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPO
+ RHEL-09-611165 - RHEL 9 must enable certificate based smart card authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentication. A privileged account is defined as an information system account with authorizations of a privileged user. The DOD Common Access Card (CAC) with DOD-approved PKI is an example of multifactor authentication.
+ 
+@@ -24460,6 +24750,7 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000105-GPOS-00052
+ RHEL-09-611170 - RHEL 9 must implement certificate status checking for multifactor authentication.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ Using an authentication device, such as a DOD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
+ 
+@@ -24478,6 +24769,7 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000377-GPOS-00162
+ RHEL-09-611175 - RHEL 9 must have the pcsc-lite package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The pcsc-lite package must be installed if it is to be available for multifactor authentication using smart cards.
+ 
+@@ -24490,6 +24782,7 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000377-GPOS-00162
+ RHEL-09-611180 - The pcscd service on RHEL 9 must be active.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The information system ensures that even if the information system is compromised, that compromise will not affect credentials stored on the authentication device.
+ 
+@@ -24504,6 +24797,7 @@ The daemon program for pcsc-lite and the MuscleCard framework is pcscd. It is a
+ RHEL-09-611185 - RHEL 9 must have the opensc package installed.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access.
+ 
+@@ -24520,6 +24814,7 @@ Satisfies: SRG-OS-000375-GPOS-00160, SRG-OS-000376-GPOS-00161
+ RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode.
+ 
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+ 
+ To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.
+
+@@ -24534,6 +24829,7 @@ This requirement prevents attackers with physical access from trivially bypassin
+ RHEL-09-611200 - RHEL 9 must require authentication to access single-user mode.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.
+
+@@ -24548,6 +24844,7 @@ This requirement prevents attackers with physical access from trivially bypassin
+ RHEL-09-631020 - RHEL 9 must prohibit the use of cached authenticators after one day.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
+
+@@ -24560,6 +24857,7 @@ This requirement prevents attackers with physical access from trivially bypassin
+ RHEL-09-651025 - RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Protecting the integrity of the tools used for auditing purposes is a critical step toward ensuring the integrity of audit information. Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity.
+
+@@ -24580,6 +24878,7 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
+ RHEL-09-652010 - RHEL 9 must have the rsyslog package installed.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ rsyslogd is a system utility providing support for message logging. Support for both internet and Unix domain sockets enables this utility to support both local and remote logging. Couple this utility with "gnutls" (which is a secure communications library implementing the SSL, TLS, and DTLS protocols), to create a method to securely encrypt and offload auditing.
+
+@@ -24594,6 +24893,7 @@ Satisfies: SRG-OS-000479-GPOS-00224, SRG-OS-000051-GPOS-00024, SRG-OS-000480-GPO
+ RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ The rsyslog-gnutls package provides Transport Layer Security (TLS) support for the rsyslog daemon, which enables secure remote logging.
+
+@@ -24608,6 +24908,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061
+ RHEL-09-652020 - The rsyslog service on RHEL 9 must be active.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ The "rsyslog" service must be running to provide logging services, which are essential to system administration.
+
+@@ -24620,6 +24921,7 @@ Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000120-GPOS-00061
+ RHEL-09-652025 - RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Unintentionally running a rsyslog server accepting remote messages puts the system at increased risk. Malicious rsyslog messages sent to the server could exploit vulnerabilities in the server software itself, could introduce misleading information into the system's logs, or could fill the system's storage leading to a denial of service.
+
+@@ -24634,6 +24936,7 @@ If the system is intended to be a log aggregation server, its use must be docume
+ RHEL-09-652030 - All RHEL 9 remote access methods must be monitored.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Logging remote access methods can be used to trace the decrease in the risks associated with remote user access management. It can also be used to spot cyberattacks and ensure ongoing compliance with organizational policies surrounding the use of remote access methods.
+
+@@ -24646,6 +24949,7 @@ If the system is intended to be a log aggregation server, its use must be docume
+ RHEL-09-652040 - RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+
+@@ -24670,6 +24974,7 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+ RHEL-09-652045 - RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+
+@@ -24694,6 +24999,7 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+ RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+
+@@ -24712,6 +25018,7 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+ RHEL-09-652055 - RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+
+@@ -24738,6 +25045,7 @@ Satisfies: SRG-OS-000479-GPOS-00224, SRG-OS-000480-GPOS-00227, SRG-OS-000342-GPO
+ RHEL-09-653010 - RHEL 9 audit package must be installed.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+
+@@ -24756,6 +25064,7 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+ RHEL-09-653015 - RHEL 9 audit service must be enabled.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without establishing what type of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Ensuring the "auditd" service is active ensures audit records generated by the kernel are appropriately recorded.
+
+@@ -24772,6 +25081,7 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+ RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
+
+@@ -24784,6 +25094,7 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+ RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
+
+@@ -24796,6 +25107,7 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+ RHEL-09-653030 - RHEL 9 must allocate audit record storage capacity to store at least one week's worth of audit records.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ To ensure RHEL 9 systems have a sufficient storage capacity in which to write the audit logs, RHEL 9 needs to be able to allocate audit record storage capacity.
+
+@@ -24812,6 +25124,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653035 - RHEL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+
+@@ -24824,6 +25137,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653040 - RHEL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+
+@@ -24836,6 +25150,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653045 - RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the audit record storage capacity.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If action is not taken when storage volume reaches 95 percent utilization, the auditing system may fail when the storage volume reaches capacity.
+
+@@ -24848,6 +25163,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653050 - RHEL 9 must take action when allocated audit record storage volume reaches 95 percent of the repository maximum audit record storage capacity.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If action is not taken when storage volume reaches 95 percent utilization, the auditing system may fail when the storage volume reaches capacity.
+
+@@ -24860,6 +25176,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ It is critical that when the operating system is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
+
+@@ -24872,6 +25189,7 @@ Satisfies: SRG-OS-000341-GPOS-00132, SRG-OS-000342-GPOS-00133
+ RHEL-09-653060 - RHEL 9 must label all offloaded audit logs before sending them to the central log server.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Enriched logging is needed to determine who, what, and when events occur on a system. Without this, determining root cause of an event will be much more difficult.
+
+@@ -24888,6 +25206,7 @@ Satisfies: SRG-OS-000039-GPOS-00017, SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPO
+ RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ The audit system should have an action setup in the event the internal event queue becomes full so that no data is lost. Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+
+@@ -24904,6 +25223,7 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+ RHEL-09-653070 - RHEL 9 System Administrator (SA) and/or information system security officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+
+@@ -24922,6 +25242,7 @@ Satisfies: SRG-OS-000046-GPOS-00022, SRG-OS-000343-GPOS-00134
+ RHEL-09-653075 - RHEL 9 audit system must audit local events.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+
+@@ -24938,6 +25259,7 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000480-GPOS-00227
+ RHEL-09-653080 - RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+
+@@ -24952,6 +25274,7 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+ RHEL-09-653085 - RHEL 9 audit log directory must be owned by root to prevent unauthorized read access.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+
+@@ -24966,6 +25289,7 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+ RHEL-09-653090 - RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 9 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+
+@@ -24982,6 +25306,7 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+ RHEL-09-653095 - RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ If option "freq" is not set to a value that requires audit records being written to disk after a threshold number is reached, then audit records may be lost.
+
+@@ -24994,6 +25319,7 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+ RHEL-09-653100 - RHEL 9 must produce audit records containing information to establish the identity of any individual or process associated with the event.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+
+@@ -25012,6 +25338,7 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227
+ RHEL-09-653105 - RHEL 9 must write audit records to disk.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Audit data should be synchronously written to disk to ensure log integrity. This setting assures that all audit event data is written disk.
+
+@@ -25024,6 +25351,7 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227
+ RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25036,6 +25364,7 @@ Satisfies: SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227
+ RHEL-09-653120 - RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25056,6 +25385,7 @@ Satisfies: SRG-OS-000254-GPOS-00095, SRG-OS-000341-GPOS-00132
+ RHEL-09-653130 - RHEL 9 audispd-plugins package must be installed.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ "audispd-plugins" provides plugins for the real-time interface to the audit subsystem, "audispd". These plugins can do things like relay events to remote machines or analyze events for suspicious behavior.
+
+@@ -25068,6 +25398,7 @@ Satisfies: SRG-OS-000254-GPOS-00095, SRG-OS-000341-GPOS-00132
+ RHEL-09-654010 - RHEL 9 must audit uses of the "execve" system call.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
+
+@@ -25082,6 +25413,7 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127
+ RHEL-09-654015 - RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25102,6 +25434,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25122,6 +25455,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654025 - RHEL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25142,6 +25476,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654030 - RHEL 9 must audit all uses of umount system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25162,6 +25497,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO
+ RHEL-09-654035 - RHEL 9 must audit all uses of the chacl command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25182,6 +25518,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654040 - RHEL 9 must audit all uses of the setfacl command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25202,6 +25539,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654045 - RHEL 9 must audit all uses of the chcon command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25222,6 +25560,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654050 - RHEL 9 must audit all uses of the semanage command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25242,6 +25581,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25262,6 +25602,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25282,6 +25623,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654065 - RHEL 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25302,6 +25644,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654070 - RHEL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25322,6 +25665,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654075 - RHEL 9 must audit all uses of the delete_module system call.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25342,6 +25686,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654080 - RHEL 9 must audit all uses of the init_module and finit_module system calls.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25362,6 +25707,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654085 - RHEL 9 must audit all uses of the chage command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25382,6 +25728,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654090 - RHEL 9 must audit all uses of the chsh command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25402,6 +25749,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654095 - RHEL 9 must audit all uses of the crontab command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25422,6 +25770,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654100 - RHEL 9 must audit all uses of the gpasswd command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25442,6 +25791,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654105 - RHEL 9 must audit all uses of the kmod command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25462,6 +25812,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25482,6 +25833,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654115 - RHEL 9 must audit all uses of the pam_timestamp_check command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25502,6 +25854,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25522,6 +25875,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654125 - RHEL 9 must audit all uses of the postdrop command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25542,6 +25896,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654130 - RHEL 9 must audit all uses of the postqueue command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25562,6 +25917,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654135 - RHEL 9 must audit all uses of the ssh-agent command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25582,6 +25938,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654140 - RHEL 9 must audit all uses of the ssh-keysign command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25602,6 +25959,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654145 - RHEL 9 must audit all uses of the su command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25622,6 +25980,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654150 - RHEL 9 must audit all uses of the sudo command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25642,6 +26001,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654155 - RHEL 9 must audit all uses of the sudoedit command.
+
+ Red Hat Enterprise Linux 9
++AlmaLinux OS 9
+
+ Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+
+@@ -25662,6 +26022,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO
+ RHEL-09-654160 - RHEL 9 must audit all uses of the unix_chkpwd command.
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25682,6 +26043,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25702,6 +26064,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654170 - RHEL 9 must audit all uses of the userhelper command. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25722,6 +26085,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654175 - RHEL 9 must audit all uses of the usermod command. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit record specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25742,6 +26106,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654180 - RHEL 9 must audit all uses of the mount command. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25762,6 +26127,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654185 - Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Misuse of the init command may cause availability issues for the system. + +@@ -25774,6 +26140,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Misuse of the poweroff command may cause availability issues for the system. + +@@ -25786,6 +26153,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654195 - Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Misuse of the reboot command may cause availability issues for the system. + +@@ -25798,6 +26166,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Misuse of the shutdown command may cause availability issues for the system. + +@@ -25810,6 +26179,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654205 - Successful/unsuccessful uses of the umount system call in RHEL 9 must generate an audit record. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users. + +@@ -25824,6 +26194,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO + RHEL-09-654210 - Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit record. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users. + +@@ -25838,6 +26209,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPO + RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The actions taken by system administrators must be audited to keep a record of what was executed on the system, as well as for accountability purposes. Editing the sudoers file may be sign of an attacker trying to establish persistent methods to a system, auditing the editing of the sudoers files mitigates this risk. + +@@ -25852,6 +26224,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The actions taken by system administrators must be audited to keep a record of what was executed on the system, as well as for accountability purposes. 
Editing the sudoers file may be sign of an attacker trying to establish persistent methods to a system, auditing the editing of the sudoers files mitigates this risk. + +@@ -25866,6 +26239,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications must be investigated for legitimacy. + +@@ -25880,6 +26254,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. + +@@ -25894,6 +26269,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. 
+ +@@ -25908,6 +26284,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. + +@@ -25922,6 +26299,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy. + +@@ -25936,6 +26314,7 @@ Satisfies: SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO + RHEL-09-654250 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25950,6 +26329,7 @@ Satisfies: SRG-OS-000392-GPOS-00172, SRG-OS-000470-GPOS-00214, SRG-OS-000473-GPO + RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25964,6 +26344,7 @@ Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPO + RHEL-09-654260 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. + +@@ -25978,6 +26359,7 @@ Satisfies: SRG-OS-000392-GPOS-00172, SRG-OS-000470-GPOS-00214, SRG-OS-000473-GPO + RHEL-09-654265 - RHEL 9 must take appropriate action when a critical audit processing failure occurs. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. + +@@ -25994,6 +26376,7 @@ Satisfies: SRG-OS-000046-GPOS-00022, SRG-OS-000047-GPOS-00023 + RHEL-09-654270 - RHEL 9 audit system must protect logon UIDs from unauthorized change. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + If modification of login user identifiers (UIDs) is not prevented, they can be changed by nonprivileged users and make auditing complicated or impossible. + +@@ -26008,6 +26391,7 @@ Satisfies: SRG-OS-000462-GPOS-00206, SRG-OS-000475-GPOS-00220, SRG-OS-000057-GPO + RHEL-09-654275 - RHEL 9 audit system must protect auditing rules from unauthorized change. 
+ + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. + +@@ -26026,6 +26410,7 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO + RHEL-09-672582300 - RHEL 9 must enable FIPS mode. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. This includes NIST FIPS-validated cryptography for the following: Provisioning digital signatures, generating cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. + +@@ -26040,6 +26425,7 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO + RHEL-09-671015 - RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + The system must use a strong hashing algorithm to store the password. + +@@ -26056,6 +26442,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 + RHEL-09-671020 - RHEL 9 IP tunnels must use FIPS 140-2/140-3 approved cryptographic algorithms. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Overriding the system crypto policy makes the behavior of the Libreswan service violate expectations, and makes system configuration more fragmented. 
+ +@@ -26068,6 +26455,7 @@ Satisfies: SRG-OS-000073-GPOS-00041, SRG-OS-000120-GPOS-00061 + RHEL-09-671025 - RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and; therefore, cannot be relied upon to provide confidentiality or integrity, and DOD data may be compromised. + +@@ -26084,6 +26472,7 @@ FIPS 140-3 is the current standard for validating that mechanisms used to access + RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. + +@@ -26098,6 +26487,7 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO + RHEL-09-672020 - RHEL 9 crypto policy must not be overridden. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. + +@@ -26112,6 +26502,7 @@ Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO + RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package. + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + Without cryptographic integrity protections, information can be altered by unauthorized users without detection. 
+ +@@ -33331,6 +33722,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 + RHEL 9 is installed + + Red Hat Enterprise Linux 9 ++AlmaLinux OS 9 + + + RHEL 9 is installed +diff --git a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh +index 17a1bd387..18b84aa2d 100644 +--- a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh ++++ b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # This test only applies to platforms that check the pwquality.conf.d directory +-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux + # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}} + + truncate -s 0 /etc/security/pwquality.conf +diff --git a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh +index d10e78e8d..06a10a950 100644 +--- a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh ++++ b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # This test only applies to platforms that check the pwquality.conf.d directory +-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux + # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}} + + # This test will ensure that OVAL also checks the configuration in +diff --git a/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh b/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh +index a4415d213..7ba758438 100644 +--- 
a/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh ++++ b/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_ubuntu ++# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu # packages = audit - source common.sh -diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh -index fd902a020..010590172 100644 ---- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh -+++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - - source common.sh - -diff --git a/shared/templates/audit_rules_syscall_events/ansible.template b/shared/templates/audit_rules_syscall_events/ansible.template -index 16dec9827..5e953196e 100644 ---- a/shared/templates/audit_rules_syscall_events/ansible.template -+++ b/shared/templates/audit_rules_syscall_events/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = low -diff --git 
a/shared/templates/audit_rules_syscall_events/bash.template b/shared/templates/audit_rules_syscall_events/bash.template -index bd5bb94cb..d1f68626a 100644 ---- a/shared/templates/audit_rules_syscall_events/bash.template -+++ b/shared/templates/audit_rules_syscall_events/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -index 40c2e96a1..87cd84907 100644 ---- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -+++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -index f41ed4106..7ba2388b6 100644 ---- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -+++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian - - # First perform the remediation of the syscall rule - # Retrieve hardware architecture of the underlying system -diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template -index 0ffb15ba1..a7ee3c41d 100644 ---- a/shared/templates/audit_rules_usergroup_modification/ansible.template -+++ b/shared/templates/audit_rules_usergroup_modification/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = true - # strategy = restrict - # complexity = low -diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template -index a573b6a1b..7011157d8 100644 ---- a/shared/templates/grub2_bootloader_argument/ansible.template -+++ b/shared/templates/grub2_bootloader_argument/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian - # reboot = true - # strategy = restrict - # complexity = medium -diff --git 
a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template -index 7a7ba6899..ac12c1878 100644 ---- a/shared/templates/grub2_bootloader_argument/bash.template -+++ b/shared/templates/grub2_bootloader_argument/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian - {{# - See the OVAL template for more comments. - Product-specific categorization should be synced across all template content types -diff --git a/shared/templates/grub2_bootloader_argument/blueprint.template b/shared/templates/grub2_bootloader_argument/blueprint.template -index 7e9ea909e..152f27303 100644 ---- a/shared/templates/grub2_bootloader_argument/blueprint.template -+++ b/shared/templates/grub2_bootloader_argument/blueprint.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle - {{%- if ARG_VARIABLE %}} - {{%- set ARG_NAME_VALUE = ARG_NAME ~ "=(blueprint-populate " ~ ARG_VARIABLE ~ ")" -%}} - {{%- endif %}} + rm -f /etc/audit/rules.d/* diff --git a/shared/templates/grub2_bootloader_argument/kickstart.template b/shared/templates/grub2_bootloader_argument/kickstart.template index c5051bcf7..846c0e661 100644 --- a/shared/templates/grub2_bootloader_argument/kickstart.template @@ -19073,7 +22627,7 @@ index c5051bcf7..846c0e661 100644 # strategy = restrict # complexity = medium 
diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh -index 4c25b2d95..26100fc4e 100644 +index f36c7d8bc..c465a15a3 100644 --- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh +++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh @@ -1,6 +1,6 @@ @@ -19083,21 +22637,21 @@ index 4c25b2d95..26100fc4e 100644 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux # packages = grub2,grubby - source common.sh + {{%- if ARG_VARIABLE %}} diff --git a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh -index c6d5b6b1b..8cbc5ae5e 100644 +index c6d5b6b1b..20bcd171a 100644 --- a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh +++ b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash -# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_fedora # packages = grub2,grubby {{%- if ARG_VARIABLE %}} # variables = {{{ ARG_VARIABLE }}}=correct_value diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh -index 0ee7a41ca..a31c37bc4 100644 +index 788f128b3..44fa8621e 100644 --- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh +++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh @@ -1,6 +1,6 @@ 
@@ -19106,28 +22660,8 @@ index 0ee7a41ca..a31c37bc4 100644 -# platform = multi_platform_fedora,multi_platform_rhel +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux # packages = grub2,grubby - - source common.sh -diff --git a/shared/templates/grub2_bootloader_argument_absent/ansible.template b/shared/templates/grub2_bootloader_argument_absent/ansible.template -index 51fc98b7a..c6b147d87 100644 ---- a/shared/templates/grub2_bootloader_argument_absent/ansible.template -+++ b/shared/templates/grub2_bootloader_argument_absent/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = true - # strategy = restrict - # complexity = medium -diff --git a/shared/templates/grub2_bootloader_argument_absent/bash.template b/shared/templates/grub2_bootloader_argument_absent/bash.template -index 8d7d6e9ea..18b900e51 100644 ---- a/shared/templates/grub2_bootloader_argument_absent/bash.template -+++ b/shared/templates/grub2_bootloader_argument_absent/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle - {{# - See the OVAL template for more comments. - Product-specific categorization should be synced across all template content types + {{%- if ARG_VARIABLE %}} + # variables = {{{ ARG_VARIABLE }}}=correct_value diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh index fc3db8ccd..a12bef4b2 100644 
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh @@ -19153,35 +22687,16 @@ index e51f669fd..00a74f76f 100644 # Adds argument with a value from kernel command line in /etc/default/grub diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh -index 9eda41566..85128bd51 100644 +index d5d39d91c..2a93954aa 100644 --- a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh 
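Review bot: The rebased patch no longer adds `multi_platform_almalinux` to the `# platform =` header of `grub2_bootloader_argument_absent/ansible.template` and `bash.template` (the sections removed in this hunk), and likewise `kernel_module_disabled/ansible.template` and `bash.template` in the next hunk. If the new upstream base does not already list `multi_platform_almalinux` there, the AlmaLinux 9 product still gets these rules' checks but ships without bash/Ansible remediations for bootloader arguments and kernel-module blacklisting, and the build would not report that as an error. Presumably the base now carries the entry and these sections were dropped as redundant; that is worth confirming after the patch applies, e.g. `grep -L multi_platform_almalinux shared/templates/{grub2_bootloader_argument_absent,kernel_module_disabled}/{bash,ansible}.template` should print nothing. The `AlmaLinux 9` to `AlmaLinux OS 9` change in the `invalid_rescue.pass.sh` and `mising_arg_invalid_rescue.pass.sh` headers is consistent with the product name used in the STIG reference lines earlier in the patch.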
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh -@@ -1,4 +1,4 @@ +@@ -1,5 +1,5 @@ + #!/bin/bash -# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10 -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10 # packages = grub2,grubby # Ensure the kernel command line for each installed kernel in the bootloader -diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template -index b3f7c4121..457c70957 100644 ---- a/shared/templates/kernel_module_disabled/ansible.template -+++ b/shared/templates/kernel_module_disabled/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro - # reboot = true - # strategy = disable - # complexity = low -diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template -index 5bf2bffce..683f24818 100644 ---- a/shared/templates/kernel_module_disabled/bash.template -+++ b/shared/templates/kernel_module_disabled/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro - # reboot = true - # strategy = disable - # complexity = low 
diff --git a/shared/templates/kernel_module_disabled/kubernetes.template b/shared/templates/kernel_module_disabled/kubernetes.template index c77cebfbb..2820e9745 100644 --- a/shared/templates/kernel_module_disabled/kubernetes.template @@ -19193,27 +22708,6 @@ index c77cebfbb..2820e9745 100644 # reboot = true # strategy = disable # complexity = low -diff --git a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh -index 8a1319eed..fb20c3b4a 100644 ---- a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh -+++ b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu - - echo > /etc/modprobe.d/{{{ KERNMODULE }}}.conf - echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf -diff --git a/shared/templates/mount/anaconda.template b/shared/templates/mount/anaconda.template -index fdcb4ee3e..0d1d8dc24 100644 ---- a/shared/templates/mount/anaconda.template -+++ b/shared/templates/mount/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = enable - # complexity = low diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template index 56617467d..3cdacd4db 100644 --- a/shared/templates/mount/blueprint.template 
@@ -19233,46 +22727,6 @@ index fc2bdebd7..3c7833aa7 100644 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora logvol {{{ MOUNTPOINT }}} {{{ MIN_SIZE_MB }}} -diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template -index 083b0ef00..14f7018a9 100644 ---- a/shared/templates/mount_option/anaconda.template -+++ b/shared/templates/mount_option/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = enable - # complexity = low -diff --git a/shared/templates/mount_option_removable_partitions/anaconda.template b/shared/templates/mount_option_removable_partitions/anaconda.template -index 8665fb913..07cd9e3ad 100644 ---- a/shared/templates/mount_option_removable_partitions/anaconda.template -+++ b/shared/templates/mount_option_removable_partitions/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = enable - # complexity = low -diff --git a/shared/templates/package_installed/anaconda.template b/shared/templates/package_installed/anaconda.template -index 0ac55f51f..dd0bcddea 100644 ---- a/shared/templates/package_installed/anaconda.template -+++ b/shared/templates/package_installed/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = enable - # complexity = low -diff --git a/shared/templates/package_installed/bash.template 
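Review bot: The rebased patch drops the `multi_platform_almalinux` additions to several shared templates — kernel_module_disabled/tests/missing_blacklist.fail.sh and mount/anaconda.template in this hunk, and the same pattern in the `@@ -19233` and `@@ -19293` hunks for mount_option/anaconda.template, mount_option_removable_partitions/anaconda.template, package_installed/anaconda.template, package_installed/bash.template and package_removed/anaconda.template. The `# platform =` header is what decides whether a templated remediation or test is generated for a product, so unless AlmaLinux now inherits these through another mechanism (not visible in this chunk) the affected rules would silently have no anaconda/bash remediation for the new product rather than failing the build. If the removal is deliberate because upstream already covers AlmaLinux under `multi_platform_rhel` or an alias, a one-line comment at the top of the patch file such as `# shared templates no longer need multi_platform_almalinux: <reason>` would keep a future rebase from re-adding them.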
b/shared/templates/package_installed/bash.template -index d19004461..e0d4b55f3 100644 ---- a/shared/templates/package_installed/bash.template -+++ b/shared/templates/package_installed/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian - # reboot = false - # strategy = enable - # complexity = low diff --git a/shared/templates/package_installed/bootc.template b/shared/templates/package_installed/bootc.template index ddac8ef40..86cb91791 100644 --- a/shared/templates/package_installed/bootc.template @@ -19293,18 +22747,8 @@ index be0fc1de8..8284a5711 100644 # reboot = false # strategy = enable # complexity = low -diff --git a/shared/templates/package_removed/anaconda.template b/shared/templates/package_removed/anaconda.template -index 489f9bb0f..0120d927c 100644 ---- a/shared/templates/package_removed/anaconda.template -+++ b/shared/templates/package_removed/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = disable - # complexity = low diff --git a/shared/templates/package_removed/bootc.template b/shared/templates/package_removed/bootc.template -index 9e3535578..f0a418432 100644 +index eef498941..255ac57a1 100644 --- a/shared/templates/package_removed/bootc.template +++ b/shared/templates/package_removed/bootc.template @@ -1,4 +1,4 @@ @@ -19314,7 +22758,7 @@ index 9e3535578..f0a418432 100644 # strategy = disable # complexity = low 
diff --git a/shared/templates/package_removed/kickstart.template b/shared/templates/package_removed/kickstart.template -index 486ebbbdc..963412bac 100644 +index 99f5e33b9..a0b930444 100644 --- a/shared/templates/package_removed/kickstart.template +++ b/shared/templates/package_removed/kickstart.template @@ -1,4 +1,4 @@ @@ -19323,372 +22767,92 @@ index 486ebbbdc..963412bac 100644 # reboot = false # strategy = disable # complexity = low -diff --git a/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh b/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh -index b3232cc93..97b5d1069 100644 ---- a/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh -+++ b/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora - # remediation = none - - SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" diff --git a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh -index 24f5731f6..875972eb2 100644 +index 805d70a75..75b375d26 100644 --- a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh +++ b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect,pam --# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 +-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel ++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux - pam_files=("password-auth" "system-auth") + {{{ tests_init_faillock_vars("correct", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh -index aa3ca061d..64992df97 100644 +index 3080e4f0c..587c1667e 100644 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 # remediation = none - # variables = var_accounts_passwords_pam_faillock_deny=3 - -diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh -index 67c1b593b..74bb77abe 100644 ---- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh -+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # packages = authselect - # variables = var_accounts_passwords_pam_faillock_deny=3 + {{{ tests_init_faillock_vars("correct", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh -index e770e300f..ae701fdab 100644 +index e3c52ec35..b535bdee6 100644 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8 - # variables = var_accounts_passwords_pam_faillock_deny=3 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 - authselect select sssd --force -diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh -index fd57152b8..664e42beb 100644 ---- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh -+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh -@@ -1,6 +1,6 @@ + {{{ tests_init_faillock_vars("correct", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} + +diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh +index dedc929d5..9d693322e 100644 +--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh ++++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh +@@ -1,7 +1,7 @@ #!/bin/bash + {{{ tests_init_faillock_vars("lenient_high", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} # packages = authselect -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle 
Linux 8 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8 - # variables = var_accounts_passwords_pam_faillock_deny=3 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 + + + authselect select sssd --force +diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh +index 74bd19c40..c32bf0331 100644 +--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh ++++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh +@@ -1,7 +1,7 @@ + #!/bin/bash + {{{ tests_init_faillock_vars("lenient_low", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} + # packages = authselect +-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 + authselect select sssd --force diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh -index efb57601c..bac7a6401 100644 +index a5d171fc3..d4aefe5fc 100644 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 # remediation = none - # variables = var_accounts_passwords_pam_faillock_deny=3 -diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh -index e3ec96da0..56c6b75f3 100644 ---- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh -+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # packages = authselect - # remediation = none - # variables = var_accounts_passwords_pam_faillock_deny=3 + {{{ tests_init_faillock_vars("correct", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh -index 595b85192..f547b7431 100644 +index 83ebf5402..e28271430 100644 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh 
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh 
@@ -1,6 +1,6 @@ #!/bin/bash # packages = authselect -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8 -+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8 - # variables = var_accounts_passwords_pam_faillock_deny=3 ++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Oracle Linux 8 - authselect select sssd --force -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh -index 0fa452ba0..8e9abbe3a 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle + {{{ tests_init_faillock_vars("stricter", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}} - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh -index 54804685b..1c4b4f3e1 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh -index 1ba8e0cda..02f0e77e9 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh -index 321df77d9..756bdb524 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source 
$SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh -index dc362ae00..36867bb2b 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh -index 4aef9fb84..0b7cbcd5f 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh -index 203f640f5..a127500e8 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh -+++ 
b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh -index f623b6be4..8d4399023 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh -index c825c0b08..746d6dfa4 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh -index a8e723bee..a1e6b245c 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh -index d3f639a2b..b5d757274 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff 
--git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh -index d3be7ffc3..5b4b11307 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh -index c1c5758d8..3e7441a4a 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh -index 3d3bbbd8e..ae10153cd 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh -+++ 
b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh -index 868318728..d744d549d 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh -index 96e9ddaf3..8c8a59a3a 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables 
used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh -index ec9296694..6bd64894b 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh -index 9dcbe0c2e..b7f6323c9 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh -index 
dc9ea0eef..9c6694804 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh -index 6acb37ad7..d235e6249 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh -index abdb09c48..9cc24d061 100755 ---- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh -+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle - - # Declare variables used for the tests and define the create_rsyslog_test_logs function - source $SHARED/rsyslog_log_utils.sh -diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template -index a17337508..1e9769b17 100644 ---- a/shared/templates/sebool/ansible.template -+++ b/shared/templates/sebool/ansible.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 - # reboot = false - # strategy = enable - # complexity = low -diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template -index ecfd73fa8..6c515ced4 100644 ---- a/shared/templates/sebool/bash.template -+++ b/shared/templates/sebool/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15 - # reboot = false - # strategy = enable - # complexity = low -diff --git a/shared/templates/service_disabled/bash.template b/shared/templates/service_disabled/bash.template -index c8b6826b2..6bbb8eb2a 100644 ---- a/shared/templates/service_disabled/bash.template -+++ b/shared/templates/service_disabled/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = 
multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - # reboot = false - # strategy = disable - # complexity = low diff --git a/shared/templates/service_disabled/kickstart.template b/shared/templates/service_disabled/kickstart.template index d1e39ae29..7ecd5523e 100644 --- a/shared/templates/service_disabled/kickstart.template @@ -19709,15 +22873,15 @@ index 1ab456524..724e7b779 100644 # reboot = true # strategy = disable # complexity = low -diff --git a/shared/templates/service_enabled/bash.template b/shared/templates/service_enabled/bash.template -index d290a399a..2dc4121f9 100644 ---- a/shared/templates/service_enabled/bash.template -+++ b/shared/templates/service_enabled/bash.template +diff --git a/shared/templates/service_disabled_guard_var/bash.template b/shared/templates/service_disabled_guard_var/bash.template +index 0afd3332d..62c4762e7 100644 +--- a/shared/templates/service_disabled_guard_var/bash.template ++++ b/shared/templates/service_disabled_guard_var/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu # reboot = false - # strategy = enable + # strategy = disable # complexity = low diff --git a/shared/templates/service_enabled/kickstart.template b/shared/templates/service_enabled/kickstart.template index 451af774a..27ac615a2 100644 
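Review bot: The new side of this hunk patches `shared/templates/service_disabled_guard_var/bash.template` where the old side patched `shared/templates/service_enabled/bash.template`, so this revision of the patch no longer adds `multi_platform_almalinux` to the `service_enabled` bash template; the next two hunks likewise drop the `sysctl/bash.template`, `systemd_mount_enabled/anaconda.template` and `ssg/constants.py` sections. If the rebased upstream tree already carries those entries this is a correct rebase, but if not, the remediations generated from those templates would most likely omit the product silently rather than fail the build, since an absent platform entry is not an error. Before merging, confirm on the rebased tree that each dropped file already lists `multi_platform_almalinux` and that `ssg/constants.py` still maps it to `almalinux9`. The inner hunk opens with context lines from the preceding `service_disabled/kickstart.template` section, so that file section begins outside this hunk.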
@@ -19730,87 +22894,67 @@ index 451af774a..27ac615a2 100644 # strategy = disable # complexity = low diff --git a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh -index 6432aa5ce..cfc5131aa 100644 +index 3114b75fe..f9e94ea59 100644 --- a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh +++ b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu - - source common.sh - ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu + {{%- if XCCDF_VARIABLE %}} + # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}} + {{%- endif %}} diff --git a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh -index c5390ff13..b3ecbb2e4 100644 +index b05adb222..dde5dc9ca 100644 --- a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh +++ b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu mkdir -p /etc/ssh/sshd_config.d touch /etc/ssh/sshd_config.d/nothing diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh -index 7d55e3d0d..d6f41eeb0 100644 +index d91244f7a..1a36b19e5 100644 --- a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh +++ b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu {{% if XCCDF_VARIABLE %}} diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh -index c68680483..d43ffa3e8 100644 +index 15eb1d870..1da21075e 100644 --- a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh +++ b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu {{% if XCCDF_VARIABLE %}} # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}} diff --git a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh -index 983eb3fda..08466503b 100644 +index c5f2c41e8..84fbd8696 100644 --- a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh +++ b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux OS 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu {{% if XCCDF_VARIABLE %}} # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}} -diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template -index b3aafbc27..f2755cdc1 100644 ---- a/shared/templates/sysctl/bash.template -+++ b/shared/templates/sysctl/bash.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu - # reboot = true - # strategy = disable - # complexity = low -diff --git a/shared/templates/systemd_mount_enabled/anaconda.template b/shared/templates/systemd_mount_enabled/anaconda.template -index 42ec0778d..475010b6a 100644 ---- a/shared/templates/systemd_mount_enabled/anaconda.template -+++ b/shared/templates/systemd_mount_enabled/anaconda.template -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = enable - # complexity = low 
diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template -index 73810f216..54434bb42 100644 +index feb74e3c4..b82bc305a 100644 --- a/shared/templates/zipl_bls_entries_option/ansible.template +++ b/shared/templates/zipl_bls_entries_option/ansible.template @@ -1,4 +1,4 @@ 
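Review bot: The product name in the five rewritten `# platform =` lines changes from `AlmaLinux 9` to `AlmaLinux OS 9`, and that string is resolved through the `FULL_NAME_TO_PRODUCT_MAPPING` entry in `ssg/constants.py`, which must match character for character; the earlier revision of this patch supplied `"AlmaLinux 9": "almalinux9"` and that section is removed in the next hunk, so the spelling now rests entirely on the upstream mapping, which is not visible here. If the two disagree, these `sshd_config.d` scenarios (conflicting, duplicated and wrong `sshd_config` values) are presumably just not run against the product, with no error to point at the mismatch. A one-line pre-merge check on the rebased tree is `grep -n '"AlmaLinux OS 9"' ssg/constants.py`. The five test-file sections are complete within this hunk, but the hunk itself ends inside the `zipl_bls_entries_option/ansible.template` section.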
@@ -19829,53 +22973,8 @@ index e14d59dfc..1b236a130 100644 # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}" -diff --git a/ssg/constants.py b/ssg/constants.py -index 6fefa4ed1..1d40d2cd2 100644 ---- a/ssg/constants.py -+++ b/ssg/constants.py -@@ -40,6 +40,7 @@ SSG_REF_URIS = { - product_directories = [ - 'alinux2', - 'alinux3', -+ 'almalinux9', - 'anolis8', - 'anolis23', - 'al2023', -@@ -203,6 +204,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { - FULL_NAME_TO_PRODUCT_MAPPING = { - "Alibaba Cloud Linux 2": "alinux2", - "Alibaba Cloud Linux 3": "alinux3", -+ "AlmaLinux 9": "almalinux9", - "Anolis OS 8": "anolis8", - "Anolis OS 23": "anolis23", - "Amazon Linux 2023": "al2023", -@@ -284,7 +286,7 @@ REFERENCES = dict( - ) - - --MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", -+MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhv", "debian", "ubuntu", - "openeuler", "kylinserver", - "opensuse", "sle", "ol", "ocp", "rhcos", - "example", "eks", "alinux", "anolis", "openembedded", "al", -@@ -292,6 +294,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", - - MULTI_PLATFORM_MAPPING = { - "multi_platform_alinux": ["alinux2", "alinux3"], -+ "multi_platform_almalinux": ["almalinux9"], - "multi_platform_anolis": ["anolis8", "anolis23"], - "multi_platform_debian": ["debian11", "debian12"], - "multi_platform_example": ["example"], -@@ -416,6 +419,7 @@ XCCDF_PLATFORM_TO_PACKAGE = { - # _version_name_map = { - MAKEFILE_ID_TO_PRODUCT_MAP = { - 'alinux': 'Alibaba Cloud Linux', -+ 'almalinux': 'AlmaLinux', - 'anolis': 'Anolis OS', - 'chromium': 'Google Chromium Browser', - 'fedora': 'Fedora', diff --git a/tests/README.md b/tests/README.md -index 43978c27d..ffb99bdf0 100644 +index 8b439b7e0..a7017ad50 100644 --- a/tests/README.md +++ b/tests/README.md @@ -205,7 +205,7 @@ Using `platform` and `variables` metadata: 
@@ -19883,193 +22982,280 @@ index 43978c27d..ffb99bdf0 100644 ```bash #!/bin/bash -# platform = Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # variables = auth_enabled=yes,var_example_1=value_example echo "KerberosAuthentication $auth_enabled" >> /etc/ssh/sshd_config +diff --git a/tests/data/product_stability/ol7.yml b/tests/data/product_stability/ol7.yml +index edb6411e3..4d21c0495 100644 +--- a/tests/data/product_stability/ol7.yml ++++ b/tests/data/product_stability/ol7.yml +@@ -37,7 +37,7 @@ groups: + dedicated_ssh_keyowner: + name: ssh_keys + grub2_boot_path: /boot/grub2 +-grub2_uefi_boot_path: /boot/efi/EFI/redhat ++grub2_uefi_boot_path: /boot/efi/EFI/almalinux + grub_helper_executable: grubby + init_system: systemd + login_defs_path: /etc/login.defs +diff --git a/tests/data/product_stability/ol8.yml b/tests/data/product_stability/ol8.yml +index 609a20b12..db4046ad1 100644 +--- a/tests/data/product_stability/ol8.yml ++++ b/tests/data/product_stability/ol8.yml +@@ -37,7 +37,7 @@ groups: + dedicated_ssh_keyowner: + name: ssh_keys + grub2_boot_path: /boot/grub2 +-grub2_uefi_boot_path: /boot/efi/EFI/redhat ++grub2_uefi_boot_path: /boot/efi/EFI/almalinux + grub_helper_executable: grubby + init_system: systemd + login_defs_path: /etc/login.defs +diff --git a/tests/data/product_stability/rhel8.yml b/tests/data/product_stability/rhel8.yml +index 99dfa18bc..fe9fd40ef 100644 +--- a/tests/data/product_stability/rhel8.yml ++++ b/tests/data/product_stability/rhel8.yml +@@ -89,7 +89,7 @@ groups: + dedicated_ssh_keyowner: + name: ssh_keys + grub2_boot_path: /boot/grub2 +-grub2_uefi_boot_path: /boot/efi/EFI/redhat ++grub2_uefi_boot_path: /boot/efi/EFI/almalinux + grub_helper_executable: grubby + init_system: systemd + journald_conf_dir_path: /etc/systemd/journald.conf.d +diff --git 
a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml +index 849ab06f6..1a4927eec 100644 +--- a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml ++++ b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml +@@ -368,7 +368,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs + + If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding. + +-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. 
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -378,7 +378,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable. ++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. 
+ + Verify that a unique name is set as the "superusers" account: + +-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg ++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg + set superusers="[someuniquestringhere]" + export superusers + +diff --git a/tests/shared/grub2.sh b/tests/shared/grub2.sh +index 10df2e2ad..4379d49a3 100644 +--- a/tests/shared/grub2.sh ++++ b/tests/shared/grub2.sh +@@ -11,10 +11,10 @@ function set_grub_uefi_root { + if grep VERSION /etc/os-release | grep -q '9\.'; then + GRUB_CFG_ROOT=/boot/grub2 + else +- GRUB_CFG_ROOT=/boot/efi/EFI/redhat ++ GRUB_CFG_ROOT=/boot/efi/EFI/almalinux + fi + elif grep NAME /etc/os-release | grep -iq "Oracle"; then +- GRUB_CFG_ROOT=/boot/efi/EFI/redhat ++ GRUB_CFG_ROOT=/boot/efi/EFI/almalinux + elif grep NAME /etc/os-release | grep -iq "Ubuntu"; then + GRUB_CFG_ROOT=/boot/grub + fi diff --git a/tests/unit/ssg-module/data/group_dir/rule_dir/bash/rhel.sh b/tests/unit/ssg-module/data/group_dir/rule_dir/bash/rhel.sh -index 7ea036bf0..b13a6526b 100644 +index 7ea036bf0..493a1c5e7 100644 --- a/tests/unit/ssg-module/data/group_dir/rule_dir/bash/rhel.sh +++ b/tests/unit/ssg-module/data/group_dir/rule_dir/bash/rhel.sh 
@@ -1,4 +1,4 @@ -# platform = Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9,multi_platform_fedora # reboot = false # complexity = low # strategy = configure -diff --git a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml -index ff0b30f03..0116294f1 100644 ---- a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml -+++ b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low +diff --git a/tests/unit/ssg-module/data/product.yml b/tests/unit/ssg-module/data/product.yml +index 540ab0181..191dde4ec 100644 +--- a/tests/unit/ssg-module/data/product.yml ++++ b/tests/unit/ssg-module/data/product.yml +@@ -25,7 +25,7 @@ aux_pkg_version: "5a6340b3" + release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51" + auxiliary_key_fingerprint: "7E4624258C406535D56D6F135054E4A45A6340B3" + +-grub2_uefi_boot_path: "/boot/efi/EFI/redhat" ++grub2_uefi_boot_path: "/boot/efi/EFI/almalinux" + + cpes_root: "./applicability" + cpes: +diff --git a/tests/unit/ssg-module/test_build_sce_data/selinux_state/sce/shared.sh b/tests/unit/ssg-module/test_build_sce_data/selinux_state/sce/shared.sh +index 030041eef..a20748b59 100644 +--- a/tests/unit/ssg-module/test_build_sce_data/selinux_state/sce/shared.sh ++++ b/tests/unit/ssg-module/test_build_sce_data/selinux_state/sce/shared.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # check-import = stdout +-# platform = Red Hat Enterprise Linux 9 ++# platform = Red Hat Enterprise Linux 9,AlmaLinux OS 9 + if 
[[ $(getenforce) == "Enforcing" ]] ; then + exit "$XCCDF_RESULT_PASS" + fi diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh -index b607202c5..175381afb 100644 +index b607202c5..d2b01c32c 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # packages = crypto-policies-scripts # IMPORTANT: This is a false negative scenario. diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh -index e5b598342..5608d4124 100644 +index e5b598342..101078b7a 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # packages = crypto-policies-scripts update-crypto-policies --set "DEFAULT" diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh -index 7be3c82f3..96c42acfe 100644 +index 7be3c82f3..cf05f1ba7 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh -index 261dc3f96..2cde26d7d 100644 +index 261dc3f96..d63342f09 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh -index 356aa3ffe..caba47b8c 100644 +index 356aa3ffe..bdf8b8a09 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh -index 06bd713dd..5d4abd801 100644 +index 06bd713dd..1bdd6314e 100644 
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh -index 56a081eca..aa25f4415 100644 +index 56a081eca..46acd7a12 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_ospp # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh -index 10cb25593..ff169499c 100644 +index 10cb25593..fc624fa74 100644 
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1 # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh -index a2107d146..6964ade32 100644 +index a2107d146..6e036355c 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_e8 # packages = crypto-policies-scripts 
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh -index b06e035fa..a3c503b8d 100644 +index b06e035fa..b984faa43 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9 ++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9 # profiles = xccdf_org.ssgproject.content_profile_standard # packages = crypto-policies-scripts diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh -index 6679f94bd..cc37b1c9d 100644 +index 6679f94bd..d53ffd971 100644 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh 
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
-index 116f6b676..15611d80e 100644
+index 116f6b676..5db20bcb9 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
-index 9461c3ddd..6b048f2f5 100644
+index 9461c3ddd..738b04498 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh 
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux OS 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
-diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
-index 1c1560a86..fc86b614e 100644
---- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
-+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
-index 10ecee505..3d3098f4e 100644
---- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
-+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
- # reboot = true
- # strategy = restrict
- # complexity = low
diff --git a/tests/unit/ssg_test_suite/data/correct.pass.sh b/tests/unit/ssg_test_suite/data/correct.pass.sh
index 5a2bc1005..c3dfe6dce 100644
--- a/tests/unit/ssg_test_suite/data/correct.pass.sh
@@ -20083,14 +23269,16 @@ index 5a2bc1005..c3dfe6dce 100644
# check = oval
# remediation = none
diff --git a/utils/ansible_playbook_to_role.py b/utils/ansible_playbook_to_role.py
-index e3c4bc4ae..c2d21331f 100755
+index 537959b6a..c8a1835c8 100755
--- a/utils/ansible_playbook_to_role.py
+++ b/utils/ansible_playbook_to_role.py
-@@ -65,6 +65,7 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
- PRODUCT_ALLOWLIST = set([
+@@ -66,6 +66,9 @@ PRODUCT_ALLOWLIST = set([
"rhel8",
"rhel9",
+ "rhel10",
++ "almalinux8",
+ "almalinux9",
++ "almalinux10",
])
PROFILE_ALLOWLIST = set([