scap-security-guide/SOURCES/scap-security-guide-0.1.58-rhel8_cis_identifier_update_1-PR_7356.patch

303 lines
17 KiB
Diff
Raw Normal View History

From 5f8264ed7c5580fdd013810a713ab9b3b296bf4a Mon Sep 17 00:00:00 2001
From: Alex Haydock <alex@alexhaydock.co.uk>
Date: Mon, 9 Aug 2021 11:46:22 +0100
Subject: [PATCH] Update RHEL 8 CIS references to match benchmark 1.0.1
---
.../file_groupowner_backup_etc_group/rule.yml | 2 +-
.../file_groupowner_backup_etc_gshadow/rule.yml | 2 +-
.../file_groupowner_backup_etc_passwd/rule.yml | 2 +-
.../file_groupowner_backup_etc_shadow/rule.yml | 2 +-
.../file_groupowner_etc_group/rule.yml | 2 +-
.../file_groupowner_etc_gshadow/rule.yml | 2 +-
.../file_groupowner_etc_shadow/rule.yml | 2 +-
.../file_owner_backup_etc_group/rule.yml | 2 +-
.../file_owner_backup_etc_gshadow/rule.yml | 2 +-
.../file_owner_backup_etc_passwd/rule.yml | 2 +-
.../file_owner_backup_etc_shadow/rule.yml | 2 +-
.../file_owner_etc_group/rule.yml | 2 +-
.../file_owner_etc_gshadow/rule.yml | 2 +-
.../file_owner_etc_shadow/rule.yml | 2 +-
.../file_permissions_backup_etc_group/rule.yml | 2 +-
.../file_permissions_backup_etc_gshadow/rule.yml | 2 +-
.../file_permissions_backup_etc_passwd/rule.yml | 2 +-
.../file_permissions_backup_etc_shadow/rule.yml | 2 +-
.../file_permissions_etc_group/rule.yml | 2 +-
.../file_permissions_etc_gshadow/rule.yml | 2 +-
.../file_permissions_etc_shadow/rule.yml | 2 +-
21 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml
index c4a7f19b94..fdbdbb08ad 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_group/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis@rhel7: 6.1.9
- cis@rhel8: 6.1.8
+ cis@rhel8: 6.1.9
cis@ubuntu2004: 6.1.8
ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/group-", group="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml
index 5348e80954..f1f7c7a4d6 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_gshadow/rule.yml
@@ -23,7 +23,7 @@ identifiers:
references:
cis@rhel7: 6.1.6
- cis@rhel8: 6.1.9
+ cis@rhel8: 6.1.7
cis@ubuntu2004: 6.1.3
ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/gshadow-", group=target_group) }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml
index 170f6412cf..26ff82fb51 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_passwd/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis@rhel7: 6.1.3
- cis@rhel8: 6.1.6
+ cis@rhel8: 6.1.3
cis@ubuntu2004: 6.1.6
ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/passwd-", group="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml
index ce50f98e3f..07a3d919e2 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_backup_etc_shadow/rule.yml
@@ -24,7 +24,7 @@ identifiers:
references:
cis@rhel7: 6.1.5
- cis@rhel8: 6.1.7
+ cis@rhel8: 6.1.5
cis@ubuntu2004: 6.1.7
ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/shadow-", group=target_group) }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
index 050dd198c3..7c3c3ac1d2 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.8
- cis@rhel8: 6.1.4
+ cis@rhel8: 6.1.8
cis@ubuntu2004: 6.1.5
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
index 4d4e3ff788..ca65dbc5af 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
@@ -24,7 +24,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.7
- cis@rhel8: 6.1.5
+ cis@rhel8: 6.1.6
cis@ubuntu2004: 6.1.9
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
isa-62443-2009: 4.3.3.7.3
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
index 2af088f528..d59a34ef04 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
@@ -24,7 +24,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.4
- cis@rhel8: 6.1.3
+ cis@rhel8: 6.1.4
cis@ubuntu2004: 6.1.4
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml
index 9021403357..2f2f475abf 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis@rhel7: 6.1.9
- cis@rhel8: 6.1.8
+ cis@rhel8: 6.1.9
cis@ubuntu2004: 6.1.8
ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/group-", owner="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml
index 3f25afef5f..afbcd11696 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml
@@ -17,7 +17,7 @@ identifiers:
references:
cis@rhel7: 6.1.6
- cis@rhel8: 6.1.9
+ cis@rhel8: 6.1.7
cis@ubuntu2004: 6.1.3
ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/gshadow-", owner="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml
index d16f370572..8a3af3ae70 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis@rhel7: 6.1.3
- cis@rhel8: 6.1.6
+ cis@rhel8: 6.1.3
cis@ubuntu2004: 6.1.6
ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/passwd-", owner="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml
index 7ef757c006..508bc355c3 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis@rhel7: 6.1.5
- cis@rhel8: 6.1.7
+ cis@rhel8: 6.1.5
cis@ubuntu2004: 6.1.7
ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/shadow-", owner="root") }}}'
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
index 90fd7b08eb..8e2cb53c67 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
@@ -18,7 +18,7 @@ identifiers:
references:
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.8
- cis@rhel8: 6.1.4
+ cis@rhel8: 6.1.8
cis@sle15: 6.1.6
cis@ubuntu2004: 6.1.5
cjis: 5.5.2.2
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
index cb16d61e88..fb91cee6d7 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
@@ -19,7 +19,7 @@ references:
anssi: BP28(R36)
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.7
- cis@rhel8: 6.1.5
+ cis@rhel8: 6.1.6
cis@ubuntu2004: 6.1.9
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
isa-62443-2009: 4.3.3.7.3
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
index 7c56014953..1099e5e7cc 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
@@ -22,7 +22,7 @@ references:
anssi: BP28(R36)
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.4
- cis@rhel8: 6.1.3
+ cis@rhel8: 6.1.4
cis@ubuntu2004: 6.1.4
cjis: 5.5.2.2
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml
index 11f3818332..5d165a606e 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_group/rule.yml
@@ -19,7 +19,7 @@ identifiers:
references:
cis@rhel7: 6.1.9
- cis@rhel8: 6.1.8
+ cis@rhel8: 6.1.9
cis@sle15: 6.1.9
cis@ubuntu2004: 6.1.8
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml
index 05208fee37..9fd8981485 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_gshadow/rule.yml
@@ -26,7 +26,7 @@ identifiers:
references:
cis@rhel7: 6.1.6
- cis@rhel8: 6.1.9
+ cis@rhel8: 6.1.7
cis@sle15: 6.1.3
cis@ubuntu2004: 6.1.3
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml
index 6de0c5f703..67191c872d 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_passwd/rule.yml
@@ -19,7 +19,7 @@ identifiers:
references:
cis@rhel7: 6.1.3
- cis@rhel8: 6.1.6
+ cis@rhel8: 6.1.3
cis@sle15: 6.1.7
cis@ubuntu2004: 6.1.6
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml
index c9a4fce34c..685427c0a0 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_backup_etc_shadow/rule.yml
@@ -27,7 +27,7 @@ identifiers:
references:
cis@rhel7: 6.1.5
- cis@rhel8: 6.1.7
+ cis@rhel8: 6.1.5
cis@sle15: 6.1.8
cis@ubuntu2004: 6.1.7
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
index 1333bcb57b..fbf650b26d 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
@@ -20,7 +20,7 @@ references:
anssi: BP28(R36)
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.8
- cis@rhel8: 6.1.4
+ cis@rhel8: 6.1.8
cis@sle15: 6.1.6
cis@ubuntu2004: 6.1.5
cjis: 5.5.2.2
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
index c9b3495381..02404617c1 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
@@ -28,7 +28,7 @@ references:
anssi: BP28(R36)
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.7
- cis@rhel8: 6.1.5
+ cis@rhel8: 6.1.6
cis@sle15: 6.1.2
cis@ubuntu2004: 6.1.9
cobit5: APO01.06,DSS05.04,DSS05.07,DSS06.02
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
index acbc478ce9..ff4db782f0 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
@@ -31,7 +31,7 @@ references:
anssi: BP28(R36)
cis-csc: 12,13,14,15,16,18,3,5
cis@rhel7: 6.1.4
- cis@rhel8: 6.1.3
+ cis@rhel8: 6.1.4
cis@sle15: 6.1.5
cis@ubuntu2004: 6.1.4
cjis: 5.5.2.2