diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/0001-Add-AlmaLinux-8-support.patch
index cd3857d..8ba27a1 100644
--- a/SOURCES/0001-Add-AlmaLinux-8-support.patch
+++ b/SOURCES/0001-Add-AlmaLinux-8-support.patch
@@ -1,8 +1,8 @@
 diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 4c258307d..230d1a5a3 100644
+index 59e3de4d5..d7b8c0c58 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
-@@ -85,6 +85,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
+@@ -87,6 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
 # project. Note that the example product is always disabled unless explicitly asked for.
 option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
@@ -10,7 +10,7 @@ index 4c258307d..230d1a5a3 100644
 option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
 option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-@@ -313,6 +314,7 @@ message(STATUS " ")
+@@ -317,6 +318,7 @@ message(STATUS " ")
 message(STATUS "Products:")
 message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}")
 message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}")
@@ -18,7 +18,7 @@ index 4c258307d..230d1a5a3 100644
 message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}")
 message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}")
 message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}")
-@@ -377,6 +379,9 @@ endif()
+@@ -382,6 +384,9 @@ endif()
 if(SSG_PRODUCT_ALINUX3)
 add_subdirectory("products/alinux3" "alinux3")
 endif()
@@ -29,10 +29,10 @@ index 4c258307d..230d1a5a3 100644 add_subdirectory("products/anolis8" "anolis8") endif() diff --git a/build_product b/build_product -index b3246a268..04c08aa95 100755 +index 8685fffc6..6677ccd71 100755 --- a/build_product +++ b/build_product -@@ -351,6 +351,7 @@ all_cmake_products=( +@@ -359,6 +359,7 @@ all_cmake_products=( AL2023 ALINUX2 ALINUX3 @@ -41,10 +41,10 @@ index b3246a268..04c08aa95 100755 ANOLIS23 CHROMIUM diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 512903f27..033ae16bf 100644 +index 65c96459a..d51b8ce22 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake -@@ -794,7 +794,7 @@ macro(ssg_build_product PRODUCT) +@@ -777,7 +777,7 @@ macro(ssg_build_product PRODUCT) ssg_render_policies_for_product(${PRODUCT}) add_dependencies(render-policies ${PRODUCT}-render-policies) @@ -66,7 +66,7 @@ index f32f248ad..8a05dca3f 100644 - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages diff --git a/controls/anssi.yml b/controls/anssi.yml -index 247a9c44a..e89626d71 100644 +index a03a06d56..0ef44c461 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml @@ -1244,7 +1244,7 @@ controls: 
@@ -78,13 +78,13 @@ index 247a9c44a..e89626d71 100644 - ensure_oracle_gpgkey_installed - id: R60 -@@ -1362,16 +1362,13 @@ controls: +@@ -1363,16 +1363,13 @@ controls: When authentication takes place through a remote application (network), the authentication protocol used by PAM must be secure (flow encryption, remote server authentication, anti-replay mechanisms, ...). -- {{% if "rhel" in product %}} +- {{% if "rhel" in product or "ol" in families %}} notes: |- - In RHEL systems, remote authentication is handled through sssd service. + In {{{ full_name }}} systems, remote authentication is handled through sssd service. PAM delegates requests for remote authentication to this service through a local Unix socket. The sssd service can use IPA, AD or LDAP as a remote database containing information required for authentication. In case IPA or AD is configured through a documented way, the connection is secured by default. In case LDAP is configured manually, there are several configuration options which should be chedked. @@ -95,11 +95,11 @@ index 247a9c44a..e89626d71 100644 status: automated rules: - package_sssd_installed -@@ -1379,16 +1376,10 @@ controls: +@@ -1380,16 +1377,10 @@ controls: - sssd_enable_pam_services - sssd_ldap_configure_tls_reqcert - sssd_ldap_start_tls -- {{% if product in ["rhel8"] %}} +- {{% if product in ["rhel8","ol8"] %}} - ldap_client_start_tls - ldap_client_tls_cacertpath - {{% endif %}} 
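Review bot: The refreshed controls/anssi.yml hunks still delete the product guards outright (`{{% if "rhel" in product or "ol" in families %}}` here, and `{{% if product in ["rhel8","ol8"] %}}` around `ldap_client_start_tls` / `ldap_client_tls_cacertpath` and `no_nis_in_nsswitch` in the hunks that follow) rather than extending them, so the sssd notes and those rules stop being conditional on the product at all. The guard text appears to have changed upstream, which is what forced this refresh, and a deletion will need the same manual refresh every time upstream touches the condition. Extending the condition instead, for example `{{% if "rhel" in product or "ol" in families or "almalinux" in product %}}` and `{{% if product in ["rhel8","ol8","almalinux8"] %}}`, would keep rule selection scoped and the patch smaller. The inner hunks run past the lines shown, so the removed else/endif branches are not visible here and should be checked against the new base.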
@@ -112,18 +112,18 @@ index 247a9c44a..e89626d71 100644 - id: R68 title: Protecting stored passwords -@@ -1418,20 +1409,14 @@ controls: +@@ -1419,20 +1410,14 @@ controls: When the user databases are stored on a remote network service, NSS must be configured to establish a secure link that allows, at minimum, to authenticate the server and protect the communication channel. -- {{% if "rhel" in product %}} +- {{% if "rhel" in product or "ol" in families %}} notes: |- A nsswitch service connecting to remote database is provided by sssd. This is checked in requirement R67. Another such service is winbind which is by default configured to connect securely to Samba domains. Other relevant services are NIS and Hesiod. These should not be used. status: automated -- {{% if product in ["rhel8"] %}} +- {{% if product in ["rhel8","ol8"] %}} rules: - no_nis_in_nsswitch - {{% endif %}} @@ -134,10 +134,10 @@ index 247a9c44a..e89626d71 100644 - id: R70 diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml -index f2a4cdc5e..3ac8392cd 100644 +index 825328bc2..f8f2e295a 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml -@@ -360,7 +360,7 @@ controls: +@@ -365,7 +365,7 @@ controls: - l1_workstation status: manual related_rules: @@ -147,7 +147,7 @@ index f2a4cdc5e..3ac8392cd 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index 102793f78..07f20d0c0 100644 +index 95b94d22f..1840be10e 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml @@ -353,7 +353,7 @@ controls: @@ -160,7 +160,7 @@ index 102793f78..07f20d0c0 100644 - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml -index ffa633298..f718a26b1 100644 +index 9004c8426..916505823 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -360,7 +360,7 @@ controls: 
@@ -173,7 +173,7 @@ index ffa633298..f718a26b1 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/e8.yml b/controls/e8.yml -index 7656fb7ae..aa66e557c 100644 +index 49a58ef29..ebbffc918 100644 --- a/controls/e8.yml +++ b/controls/e8.yml @@ -23,7 +23,7 @@ controls: @@ -186,7 +186,7 @@ index 7656fb7ae..aa66e557c 100644 - ensure_gpgcheck_local_packages - ensure_gpgcheck_globally_activated diff --git a/controls/hipaa.yml b/controls/hipaa.yml -index a2eaad9c6..28add3325 100644 +index 3de4d53c2..8e5d4f27d 100644 --- a/controls/hipaa.yml +++ b/controls/hipaa.yml @@ -163,7 +163,7 @@ controls: @@ -198,7 +198,7 @@ index a2eaad9c6..28add3325 100644 - ensure_suse_gpgkey_installed status: automated -@@ -1376,7 +1376,7 @@ controls: +@@ -1377,7 +1377,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata @@ -207,7 +207,7 @@ index a2eaad9c6..28add3325 100644 - ensure_suse_gpgkey_installed status: automated -@@ -1406,7 +1406,7 @@ controls: +@@ -1407,7 +1407,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata @@ -216,7 +216,7 @@ index a2eaad9c6..28add3325 100644 - ensure_suse_gpgkey_installed status: automated -@@ -1425,7 +1425,7 @@ controls: +@@ -1426,7 +1426,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata @@ -235,32 +235,32 @@ index a2eaad9c6..28add3325 100644 status: automated diff --git a/controls/ospp.yml b/controls/ospp.yml -index 1734ed07b..052ad09e2 100644 +index 8e3f400ed..4d724aa2b 100644 --- a/controls/ospp.yml 
+++ b/controls/ospp.yml -@@ -552,7 +552,7 @@ controls: +@@ -448,7 +448,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed status: automated -@@ -566,7 +566,7 @@ controls: + - id: FPT_TUD_EXT.2 +@@ -462,7 +462,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - ensure_suse_gpgkey_installed status: automated + - id: FPT_TST_EXT.1 diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml -index 644c31313..695166558 100644 +index 17b688dfa..23bbc421c 100644 --- a/controls/pcidss_4.yml +++ b/controls/pcidss_4.yml -@@ -1549,7 +1549,7 @@ controls: +@@ -1554,7 +1554,7 @@ controls: - base status: automated rules: @@ -270,10 +270,10 @@ index 644c31313..695166558 100644 - ensure_gpgcheck_globally_activated - ensure_gpgcheck_never_disabled diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -index 77571c24c..7d36e6e18 100644 +index dbec9fe45..c237f1be4 100644 --- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml +++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -@@ -18,5 +18,8 @@ controls: +@@ -21,5 +21,8 @@ controls: {{% if 'ol' in product %}} - ensure_oracle_gpgkey_installed {{% endif %}} @@ -283,10 +283,10 @@ index 77571c24c..7d36e6e18 100644 status: automated diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml -index c2ce40e0b..2d9836b69 100644 +index b7197b06a..aa351548c 100644 --- a/controls/stig_rhel9.yml +++ b/controls/stig_rhel9.yml -@@ -386,7 +386,7 @@ controls: +@@ -377,7 +377,7 @@ controls: - medium title: RHEL 9 must ensure cryptographic verification of vendor software packages. rules: @@ -296,10 +296,10 @@ index c2ce40e0b..2d9836b69 100644 - id: RHEL-09-214015 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -index fd8bf4e34..5f0aae6d2 100644 +index e6bebd450..f7e5aafe7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -309,10 +309,10 @@ index fd8bf4e34..5f0aae6d2 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -index eb9a71a7b..80fcd15f7 100644 +index cf3b21bf6..206da499d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -322,7 +322,7 @@ index eb9a71a7b..80fcd15f7 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -index 9156638e0..7f5eb7604 100644 +index a7f46731e..5fc3d44ca 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml @@ -56,7 +56,7 @@ references: @@ -335,10 +335,10 @@ index 9156638e0..7f5eb7604 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -index 81b53a1cf..eafe0c1e3 100644 +index b3364fc80..1b969719b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -348,10 +348,10 @@ index 81b53a1cf..eafe0c1e3 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -index ebb226f25..db078650e 100644 +index 7c5693c16..4f573385c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 
@@ -361,10 +361,10 @@ index ebb226f25..db078650e 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -index f5ab89e09..89f4de9ca 100644 +index 737e93b2c..55c76bd4b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -374,41 +374,9 @@ index f5ab89e09..89f4de9ca 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -index 3b17acca6..8cbd92db5 100644 +index 2f100463b..798dcb4e1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -@@ -11,13 +11,13 @@ description: |- - startup (the default), add the following line to a file with suffix - .rules in the directory /etc/audit/rules.d: -
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

-@@ -25,13 +25,13 @@ description: |- - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S fremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - @@ -73,7 +73,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030440 @@ -419,39 +387,10 @@ index 3b17acca6..8cbd92db5 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -index 9756ead9e..6ce5e2956 100644 +index d61618227..57509f135 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -@@ -9,24 +9,24 @@ description: |- - startup (the default), add the following line to a file with suffix - .rules in the directory /etc/audit/rules.d: -
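Review bot: Dropping the `description` hunks for audit_rules_dac_modification_fremovexattr means the refreshed patch no longer adds `"almalinux8"` to the `product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product` condition that gates the `-F auid=0 -F key=perm_mod` lines; only the `references` hunk (`@@ -73,7 +73,7 @@`) is kept. That is correct if the new upstream base no longer carries this condition, but the diff does not show whether it was removed or only rewritten, and in the second case the AlmaLinux 8 guide text would describe fewer audit rules than the RHEL 8 text for the same rule. Please confirm against the new upstream rule.yml and, if a product test remains there, re-add `"almalinux8"` in its new form. The same drop is made for fsetxattr, lremovexattr, lsetxattr and removexattr in the hunks that follow, so the check applies to all five files.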
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the auditd daemon is configured to use the auditctl - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S fsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - -@@ -68,7 +68,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -461,7 +400,7 @@ index 9756ead9e..6ce5e2956 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -index 595325237..50269460a 100644 +index 9ea9c6dae..ea9541036 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml @@ -59,7 +59,7 @@ references: @@ -474,42 +413,10 @@ index 595325237..50269460a 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -index 240ad18ff..de91e0778 100644 +index 680e67380..9467cfde6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -@@ -11,13 +11,13 @@ description: |- - startup (the default), add the following line to a file with suffix - .rules in the directory /etc/audit/rules.d: -
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

-@@ -25,13 +25,13 @@ description: |- - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S lremovexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - -@@ -73,7 +73,7 @@ references: +@@ -72,7 +72,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -519,39 +426,10 @@ index 240ad18ff..de91e0778 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -index 574ecc36d..e276b71e7 100644 +index ec9986acf..c070d926b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -@@ -9,24 +9,24 @@ description: |- - startup (the default), add the following line to a file with suffix - .rules in the directory /etc/audit/rules.d: -
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the auditd daemon is configured to use the auditctl - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S lsetxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - -@@ -68,7 +68,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -561,42 +439,10 @@ index 574ecc36d..e276b71e7 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010143 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -index 9c88331a0..bccee4bd2 100644 +index c9f5d6167..cb0fcc0d4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -@@ -10,13 +10,13 @@ description: |- - program to read audit rules during daemon startup (the default), add the - following line to a file with suffix .rules in the directory /etc/audit/rules.d: -
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

-@@ -24,13 +24,13 @@ description: |- - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} -

- If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S removexattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - -@@ -72,7 +72,7 @@ references: +@@ -71,7 +71,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -606,39 +452,10 @@ index 9c88331a0..bccee4bd2 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -index 8c8f9b4df..a7352291a 100644 +index 23641d310..74e0f6661 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -@@ -9,24 +9,24 @@ description: |- - startup (the default), add the following line to a file with suffix - .rules in the directory /etc/audit/rules.d: -
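Review bot: The rebased patch no longer carries the four edits that added `"almalinux8"` to the `product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product` condition guarding the `-F auid=0 -F key=perm_mod` lines in the removexattr description; only the `references:` hunk survives. The setxattr hunk that follows drops the same edits, and the later chcon, semanage, setfiles and setsebool hunks drop the analogous edit in front of `{{%- set perm_x="-F perm=x " %}}`, while restorecon and seunshare leave the patch entirely. If the rule files at the new base still select these lines by product name, the AlmaLinux 8 content would render without the auid=0 rules and without `-F perm=x`, so its audit guidance would differ from the RHEL 8 content it is derived from. The surviving `references:` hunks moved by at most one line, which suggests the conditionals were reworded upstream rather than deleted; this cannot be confirmed from the diff, so check the rebased files. If the product lists are still present, keep `"rhel8", "almalinux8", "rhel9"` in them.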
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the auditd daemon is configured to use the auditctl - utility to read audit rules during daemon startup, add the following line to - /etc/audit/audit.rules file: -
-a always,exit -F arch=b32 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - If the system is 64 bit then also add the following line: -
-a always,exit -F arch=b64 -S setxattr -F auid>={{{ auid }}} -F auid!=unset -F key=perm_mod
--{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] or 'ubuntu' in product %}} -+{{%- if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] or 'ubuntu' in product %}} -
-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod
- {{%- endif %}} - -@@ -68,7 +68,7 @@ references: +@@ -67,7 +67,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000466-GPOS-00210,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -648,7 +465,7 @@ index 8c8f9b4df..a7352291a 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010142 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml -index 9771c91f0..b8707173d 100644 +index 122e7f039..42e04c66d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml @@ -39,7 +39,7 @@ references: @@ -661,7 +478,7 @@ index 9771c91f0..b8707173d 100644 stigid@sle15: SLES-15-030440 stigid@ubuntu2004: UBTU-20-010168 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml -index de22361ed..7d6267482 100644 +index 2709c0194..34972cd3a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml @@ -38,7 +38,7 @@ references: 
@@ -674,16 +491,10 @@ index de22361ed..7d6267482 100644 stigid@sle15: SLES-15-030430 stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -index 2fe1d2081..cc94cb6d1 100644 +index cf9c4a921..b5e598077 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -60,7 +60,7 @@ references: +@@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030580 stigid@ol8: OL08-00-030260 
@@ -692,27 +503,11 @@ index 2fe1d2081..cc94cb6d1 100644 stigid@sle12: SLES-12-020630 stigid@sle15: SLES-15-030450 stigid@ubuntu2004: UBTU-20-010165 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -index ecf5cc94c..8127aba3e 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -index 7f9a6d07e..23b168538 100644 +index 4f82ad52f..286057025 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -57,7 +57,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030560 stigid@ol8: OL08-00-030313 @@ -722,15 +517,9 @@ index 7f9a6d07e..23b168538 100644 {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -index fde14f70c..f0e64ed95 100644 +index 0a50c48a2..0afecada6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - @@ -46,7 +46,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030590 @@ -741,16 +530,10 @@ index fde14f70c..f0e64ed95 100644 {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -index 7373a058f..620b43858 100644 +index c518e6d67..b9cd3277f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000463-GPOS-00207,SRG-OS-000465-GPOS-00209,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250 stigid@ol7: OL07-00-030570 stigid@ol8: OL08-00-030316 @@ -759,16 +542,6 @@ index 7373a058f..620b43858 100644 {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -index 83c97ec3e..8e1a7bd6b 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh index 53e61fb25..e9a0edcde 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh @@ -780,10 +553,10 @@ index 53e61fb25..e9a0edcde 100644 # Perform the remediation for the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -index 7c58ae362..e58c0a66c 100644 +index 34a2c9e89..fa6cf8dbb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -793,22 +566,9 @@ index 7c58ae362..e58c0a66c 100644 stigid@ubuntu2204: UBTU-22-654185 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -index 584aba62b..8c2ff4f90 100644 +index effea5c05..4e2e5346e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -@@ -51,7 +51,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 - stigid@ol7: OL07-00-030910 - stigid@ol8: OL08-00-030361 -- stigid@rhel8: RHEL-08-030361 -+ stigid@almalinux8: RHEL-08-030361 - stigid@ubuntu2004: UBTU-20-010267 - stigid@ubuntu2204: UBTU-22-654185 - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -index 0be8a7773..a31d10986 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml 
@@ -50,7 +50,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 @@ -818,11 +578,24 @@ index 0be8a7773..a31d10986 100644 stigid@ubuntu2004: UBTU-20-010267 stigid@ubuntu2204: UBTU-22-654185 +diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +index ab5a8cff6..8b6d610da 100644 +--- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml ++++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml +@@ -49,7 +49,7 @@ references: + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 + stigid@ol7: OL07-00-030910 + stigid@ol8: OL08-00-030361 +- stigid@rhel8: RHEL-08-030361 ++ stigid@almalinux8: RHEL-08-030361 + stigid@ubuntu2004: UBTU-20-010267 + stigid@ubuntu2204: UBTU-22-654185 + diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -index 4a3ea244f..fe2c724a1 100644 +index dd8371ba2..adb014c81 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -832,10 +605,10 @@ index 4a3ea244f..fe2c724a1 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -index 1f244c22c..37c93d28a 100644 +index f871dd645..21236561c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 
@@ -855,10 +628,10 @@ index 8a48783f6..b846f8113 100644 # Perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index 3ce85736b..a55518b71 100644 +index 1146fe8fd..f3d479376 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -868,10 +641,10 @@ index 3ce85736b..a55518b71 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index 1a2e8872e..c052b6161 100644 +index 401a76aa7..105d9a69a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -881,7 +654,7 @@ index 1a2e8872e..c052b6161 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -index c76be1ec2..df4770170 100644 +index d40e5cecc..74615a3e2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -66,7 +66,7 @@ references: @@ -894,10 +667,10 @@ index c76be1ec2..df4770170 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -index 75ccce65a..bff042a9c 100644 +index 86297fe41..3d17494ac 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -961,10 +734,10 @@ index c944fb9e6..b506644af 100644 {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index ea27ed7ae..0c09f4355 100644 +index 5f27a832e..d04e00dac 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -@@ -63,7 +63,7 @@ references: +@@ -62,7 +62,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -1001,10 +774,10 @@ index c944fb9e6..b506644af 100644 {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index b7dfb97bc..e06ed72fa 100644 +index 5671f0af5..5570dc4c6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -61,7 +61,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -1035,12 +808,12 @@ index bdf3015c4..658327033 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -index 2e008b37e..7e74c94e7 100644 +index 1ee266d25..a32ed4e88 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian # reboot = false # complexity = low # disruption = low @@ -1056,7 +829,7 @@ index 7c8e520c1..e5c1d9d93 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index ef57f15df..5ed813b8a 100644 +index 1fc076fe8..8513b30b5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -55,7 +55,7 @@ references: @@ -1080,12 +853,12 @@ index 1bf2449b4..ddf95ef93 100644 rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -index 9349085f7..b20604aa7 100644 +index 6d545f87c..613960cbc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # reboot = false # complexity = low # disruption = low @@ -1101,7 +874,7 @@ index 639d76a21..7f4d463d6 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -index dc209d409..1aad35942 100644 +index 2756d56fa..a260684e6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -54,7 +54,7 @@ references: @@ -1146,10 +919,10 @@ index 083a612a0..3228b89b7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index f011b9f99..6b3dcf8c6 100644 +index aa51a41ce..2e6874034 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 @@ -1191,10 +964,10 @@ index 1ea2bcfa9..06d0f131a 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -index b7b7ab66c..57a69e97b 100644 +index 3d2a43291..a91e740bc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -49,7 +49,7 @@ references: srg: SRG-OS-000392-GPOS-00172,SRG-OS-000470-GPOS-00214,SRG-OS-000473-GPOS-00218,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030610 stigid@ol8: OL08-00-030590 @@ -1204,7 +977,7 @@ index b7b7ab66c..57a69e97b 100644 ocil_clause: 'the command does not return a line, or the line is commented out' 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh -index 123bfa32f..202a1488f 100644 +index e8b40c40b..c003a3101 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh @@ -1,6 +1,6 @@ @@ -1214,9 +987,9 @@ index 123bfa32f..202a1488f 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh -index 2c17afeaa..0ddf37750 100644 +index b1e45d310..5eff48e99 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ @@ -1226,9 +999,9 @@ index 2c17afeaa..0ddf37750 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh -index ea2066f6f..3765d856b 100644 +index c602f8e49..2e041b718 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ @@ -1238,9 +1011,9 @@ index ea2066f6f..3765d856b 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh -index 609e9755d..bca002bc9 100644 +index 00e9c031c..d29dcd262 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ @@ -1250,9 +1023,9 @@ index 609e9755d..bca002bc9 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh -index caf40c54b..9bb1ab7de 100644 +index 8c380177f..5e0608d35 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ @@ -1262,9 +1035,9 @@ index caf40c54b..9bb1ab7de 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh -index ee1fdc951..08606fcac 100644 +index a321ab78b..fa8cd80bb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ @@ -1274,7 +1047,7 @@ index ee1fdc951..08606fcac 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 # profiles = xccdf_org.ssgproject.content_profile_cis - path="/var/run/faillock" + {{{ setup_auditctl_environment() }}} 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh index e2750dbee..6a2992c9d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh @@ -1348,7 +1121,7 @@ index b14bc1951..81934f021 100644 path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index 9aa93edd1..ca48a2ddb 100644 +index 740f309db..69b434b79 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -51,7 +51,7 @@ references: @@ -1371,7 +1144,7 @@ index b3f4eb102..e6bb717eb 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh -index 8615165ec..002902145 100644 +index 3526d3fea..046a977ca 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh @@ -1,5 +1,5 @@ 
@@ -1380,9 +1153,9 @@ index 8615165ec..002902145 100644 -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 - sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service + {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh -index bc3f67c9c..a37ccd0bf 100644 +index 1fbd8ba8a..65ac95bb2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh @@ -1,6 +1,6 @@ @@ -1391,10 +1164,10 @@ index bc3f67c9c..a37ccd0bf 100644 -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 - ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules - sed -i '/newgrp/d' /etc/audit/audit.rules + {{{ setup_auditctl_environment() }}} + diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh -index ed2cc6c29..13cbaac12 100644 +index 20fee9f76..71dfe4b3c 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh @@ -1,6 +1,6 @@ @@ -1403,10 +1176,10 @@ index ed2cc6c29..13cbaac12 100644 -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 - echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/audit.rules - sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service + {{{ setup_auditctl_environment() }}} + diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh -index e1d5d05df..6a758969a 100644 +index 5cc15361e..2e18c47f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh @@ -1,6 +1,6 @@ 
@@ -1415,10 +1188,10 @@ index e1d5d05df..6a758969a 100644 -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 - ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules - sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service + {{{ setup_auditctl_environment() }}} + diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh -index ec89d9ce8..81e0062b1 100644 +index dc7ae3bdf..ff7f21c64 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ @@ -1427,8 +1200,8 @@ index ec89d9ce8..81e0062b1 100644 -# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 - ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules - sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/audit.rules + {{{ setup_auditctl_environment() }}} + diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh index ee36da807..bd848737d 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh @@ -1582,26 +1355,10 @@ index 81fc6dd16..9c3f84ef8 100644 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -index 9157c17f2..96430b053 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -index 699c2d8c3..7e7bcf847 100644 +index dbf4f7d14..e3b55cf54 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - @@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030660 @@ -1612,15 +1369,9 @@ index 699c2d8c3..7e7bcf847 100644 stigid@sle15: SLES-15-030120 stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -index 8c2f54aa9..2e3d2d017 100644 +index b97f30b63..208474d14 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
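Review bot: The refreshed patch stops adding `"almalinux8"` to the `{{%- if product in [...] %}}` guard that sets `perm_x="-F perm=x "`: the whole audit_rules_privileged_commands_at/rule.yml section is dropped here, and the `@@ -1,4 +1,4 @@` sub-hunk is dropped for chage in this hunk and for chsh, crontab, dbus_daemon_launch_helper, fusermount, fusermount3, gpasswd, grub2_set_bootflag, mount, mount_nfs, newgidmap and newgrp in the hunks that follow. Presumably the new upstream base no longer carries that per-rule product list, but the rebased rule.yml files are not visible in this diff, so that should be confirmed. If the guard, or whatever replaced it, still selects products by name, AlmaLinux 8 content would be rendered without `-F perm=x` and its privileged-command audit rules would differ from the rhel8 ones; in that case keep `"almalinux8"` next to `"rhel8"` wherever the selection now lives. A line in the commit message stating why these sub-hunks were dropped would make the refresh reviewable.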
@@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030720 @@ -1631,15 +1382,9 @@ index 8c2f54aa9..2e3d2d017 100644 stigid@sle15: SLES-15-030100 stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -index 457617560..cd2e64dfa 100644 +index 349d0223f..593b9c899 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - @@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030800 
@@ -1649,47 +1394,11 @@ index 457617560..cd2e64dfa 100644 stigid@sle12: SLES-12-020710 stigid@sle15: SLES-15-030130 stigid@ubuntu2004: UBTU-20-010177 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml -index f911a1d55..358b71f93 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml -index 561a4974d..bb56e972a 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", 
"ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml -index b500a24a9..01cb59eaa 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -index 90b3941f0..7b093b1df 100644 +index ce3300918..d7199bdb3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5" ,"ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5" ,"ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -60,7 +60,7 @@ references: +@@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030650 stigid@ol8: OL08-00-030370 @@ -1698,16 +1407,6 @@ index 90b3941f0..7b093b1df 100644 stigid@sle12: SLES-12-020560 stigid@sle15: SLES-15-030080 stigid@ubuntu2004: UBTU-20-010174 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml -index 88a766528..edaecb808 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml index 6c114c13c..5c5f7185c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml @@ -1729,7 +1428,7 @@ index f4fff8181..6c379ca01 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml -index db18a8315..d91268147 100644 +index 6b0577551..417636fce 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml @@ -46,7 +46,7 @@ references: @@ -1762,16 +1461,10 @@ index c4c78f756..c9c2d7239 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -index 0a926a6e8..7393dd0c1 100644 +index bc987e798..4832377c3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -49,7 +49,7 @@ references: +@@ -48,7 +48,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030300 
@@ -1780,37 +1473,11 @@ index 0a926a6e8..7393dd0c1 100644 stigid@sle12: SLES-12-020290 stigid@ubuntu2004: UBTU-20-010138 stigid@ubuntu2204: UBTU-22-654065 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml -index aaf7d582d..0f759dcb5 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -index 2576c601a..55d2993e2 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -index 03ef13994..8f520eac6 100644 +index 8ff611ce5..7047c1cd6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -60,7 +60,7 @@ references: +@@ -59,7 +59,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030710 stigid@ol8: OL08-00-030350 
@@ -1819,46 +1486,24 @@ index 03ef13994..8f520eac6 100644 stigid@sle12: SLES-12-020570 stigid@sle15: SLES-15-030090 stigid@ubuntu2004: UBTU-20-010164 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -index eade8c773..5d32b12d7 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -index d8f56e495..97ba7493d 100644 +index f749a53f8..b59bca4d1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -64,7 +64,7 @@ references: +@@ -63,7 +63,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030810 stigid@ol8: OL08-00-030340 - stigid@rhel8: RHEL-08-030340 + stigid@almalinux8: RHEL-08-030340 stigid@sle12: SLES-12-020720 - stigid@sle15: SLES-15-030510 + stigid@sle15: SLES-15-030510 stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -index e56a86204..6ebc06ffb 100644 +index fa96437c0..ca4f97962 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -58,7 +58,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030630 stigid@ol8: OL08-00-030290 
@@ -1867,36 +1512,10 @@ index e56a86204..6ebc06ffb 100644 stigid@sle12: SLES-12-020550 stigid@sle15: SLES-15-030070 stigid@ubuntu2004: UBTU-20-010172 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml -index 6c01ca01c..8fd85c1fa 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml -index 69d289386..f97037894 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif 
%}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -index 778db53e1..7073582bd 100644 +index 4625b87e0..981a4717a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030760 @@ -1907,15 +1526,9 @@ index 778db53e1..7073582bd 100644 {{{ ocil_fix_srg_privileged_command("postdrop") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -index ab922936f..7c9f6725a 100644 +index fe137e041..cb46d5141 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - @@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030770 @@ -1925,16 +1538,6 @@ index ab922936f..7c9f6725a 100644 {{{ ocil_fix_srg_privileged_command("postqueue") }}} -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -index b3117ec8c..8e116283f 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml index 7e18fe435..a27adad2d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml @@ -1956,7 +1559,7 @@ index 102d4b40b..f9a428790 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml -index c5e3c24f9..6f871b13b 100644 +index 670dc8ffc..4a3f802f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml @@ -41,7 +41,7 @@ references: @@ -1969,16 +1572,10 @@ index c5e3c24f9..6f871b13b 100644 stigid@sle15: SLES-15-030370 stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -index 1ab729e15..c48e1e465 100644 +index 3b28014d9..41c6e45a1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -67,7 +67,7 @@ references: +@@ -66,7 +66,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030780 stigid@ol8: OL08-00-030320 
@@ -1987,58 +1584,12 @@ index 1ab729e15..c48e1e465 100644 stigid@sle12: SLES-12-020320 stigid@sle15: SLES-15-030060 stigid@ubuntu2004: UBTU-20-010141 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml -index f605a88d0..0e5353700 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml -index 1abe26173..e62902371 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - 
{{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml -index 39e36b02f..ba0f13097 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml -index 1450e43e8..2a19ec4a9 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -index f65a2c582..5349f6b08 100644 +index a9f55f14d..eec33824e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 +@@ -57,7 +57,7 @@ references: + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-0003,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030680 stigid@ol8: OL08-00-030190 - stigid@rhel8: RHEL-08-030190 @@ -2047,11 +1598,11 @@ index f65a2c582..5349f6b08 100644 stigid@sle15: SLES-15-030550 stigid@ubuntu2004: UBTU-20-010136 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index bbab6b794..beccbff5f 100644 +index 01189ac3a..35f1f08cd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -@@ -59,7 +59,7 @@ references: - srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 +@@ -58,7 +58,7 @@ references: + srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030690 stigid@ol8: OL08-00-030550 - stigid@rhel8: RHEL-08-030550 
@@ -2059,26 +1610,10 @@ index bbab6b794..beccbff5f 100644 stigid@sle12: SLES-12-020260 stigid@sle15: SLES-15-030560 stigid@ubuntu2004: UBTU-20-010161 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -index 49e688630..53e5d690b 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "slmicro5" ,"ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "slmicro5" ,"ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -index 74f5baa80..823169a85 100644 +index a00cb6231..f398b9790 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - 
@@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085 stigid@ol7: OL07-00-030750 @@ -2089,16 +1624,10 @@ index 74f5baa80..823169a85 100644 stigid@ubuntu2004: UBTU-20-010139 stigid@ubuntu2204: UBTU-22-654115 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -index 4bf53b3d9..a6d90bf97 100644 +index d0fa760e5..d70fbbae2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -60,7 +60,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 @@ -2108,11 +1637,11 @@ index 4bf53b3d9..a6d90bf97 100644 stigid@sle15: SLES-15-030110 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml -index 0f636013e..2bc908ba5 100644 +index 655f14784..cb8c772ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml @@ -38,7 +38,7 @@ references: - disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884 + disa: CCI-000172,CCI-000130,CCI-000135,CCI-000169,CCI-002884 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000064-GPOS-00033,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol8: OL08-00-030310 - stigid@rhel8: RHEL-08-030310 @@ -2121,16 +1650,10 @@ index 0f636013e..2bc908ba5 100644 stigid@ubuntu2204: UBTU-22-654120 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -index f27698264..2c81cc7c6 100644 +index 7b5ffa69d..06263dfc0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -@@ -55,7 +55,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030670 stigid@ol8: OL08-00-030315 @@ -2140,7 +1663,7 @@ index f27698264..2c81cc7c6 100644 {{{ ocil_fix_srg_privileged_command("userhelper") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml -index c68ccebf3..2212e341b 100644 +index d54a24124..129eaeae3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml @@ -43,7 +43,7 @@ references: 
@@ -2152,36 +1675,6 @@ index c68ccebf3..2212e341b 100644 stigid@sle12: SLES-12-020700 stigid@sle15: SLES-15-030500 stigid@ubuntu2004: UBTU-20-010176 -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -index a0ec6851a..99507d67f 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} -+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml -index bf42d77e9..3763be971 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - -diff --git 
a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml -index 264d2b88e..fcfdc220d 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml -+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml -@@ -1,4 +1,4 @@ --{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} -+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15", "ubuntu2004", "ubuntu2204"]%}} - {{%- set perm_x="-F perm=x " %}} - {{%- endif %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh index b57078075..5d03b92a6 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh @@ -2204,7 +1697,7 @@ index 26d02c24e..28daa9106 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -index 59da89382..5a4e693d5 100644 +index 1eae30fa7..356531c34 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml @@ -51,7 +51,7 @@ references: @@ -2227,11 +1720,11 @@ index 94768073f..6fd009b50 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml -index a5ad9177e..a3ffd49b9 100644 +index ecdc6aa7e..50b9dc000 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/rule.yml @@ -32,7 +32,7 @@ references: - disa: CCI-000162,CCI-000163,CCI-000164 + disa: CCI-000163,CCI-000172,CCI-000164,CCI-000162 srg: SRG-OS-000462-GPOS-00206,SRG-OS-000475-GPOS-00220,SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029 stigid@ol8: OL08-00-030122 - stigid@rhel8: RHEL-08-030122 @@ -2291,10 +1784,10 @@ index b61368c0c..eb3bf47f9 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/usr/share/selinux/", "wa", "MAC-policy") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -index ffdb47ef8..044182ef4 100644 +index 766663e81..c3ab87953 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030302 @@ -2355,11 +1848,11 @@ index 8b2377d44..39c2bba69 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -index 71db3944b..a4ad95eaf 100644 +index 20c0566d6..c00ed3d39 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -33,7 +33,7 @@ references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030171 - stigid@rhel8: RHEL-08-030171 @@ -2368,11 +1861,11 @@ index 71db3944b..a4ad95eaf 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml -index 6682de457..dfe8a0343 100644 +index 7a7c522d9..3265b03bf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml 
@@ -33,7 +33,7 @@ references: - disa: CCI-000018,CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-001403,CCI-001404,CCI-002130,CCI-002132,CCI-002884 + disa: CCI-001403,CCI-001404,CCI-001405,CCI-000172,CCI-000130,CCI-002130,CCI-000135,CCI-000169,CCI-002884,CCI-000018,CCI-000015 srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol8: OL08-00-030172 - stigid@rhel8: RHEL-08-030172 @@ -2381,7 +1874,7 @@ index 6682de457..dfe8a0343 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml -index 64e8dde85..3d4f65278 100644 +index 0e882f8c9..e18326c0d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -2401,22 +1894,22 @@ index 15d6fa4e2..7f98c9915 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -index 4b841e808..80473d8ce 100644 +index 340551b27..3dcf0ed87 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -index 8fdd7e75a..9c16b41cc 100644 +index 424d65c1f..f787822c0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system 
@@ -2432,11 +1925,11 @@ index 323a798b1..46fad7416 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -index 5f2c9adb5..115a6c48f 100644 +index bd05c372a..28c92b0f4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -@@ -55,7 +55,7 @@ references: - srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905 +@@ -56,7 +56,7 @@ references: + srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 stigid@ol8: OL08-00-030000 - stigid@rhel8: RHEL-08-030000 @@ -2445,12 +1938,12 @@ index 5f2c9adb5..115a6c48f 100644 stigid@sle15: SLES-15-030640 stigid@ubuntu2004: UBTU-20-010211 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -index 027623091..c1c2c1952 100644 +index 1dfe6124c..7e915ca96 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' @@ -2476,7 +1969,7 @@ index 07965e2c7..908fa6e54 100644 # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index cfbfe0714..5e61494c5 100644 +index 9bb644fb7..597211c7e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -56,7 +56,7 @@ references: @@ -2489,10 +1982,10 @@ index cfbfe0714..5e61494c5 100644 stigid@sle15: SLES-15-030010 stigid@ubuntu2004: UBTU-20-010101 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 0a6c4310a..dab669a32 100644 +index 61e7ce7be..fd13a8fd5 100644 
--- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030872 stigid@ol8: OL08-00-030160 @@ -2502,7 +1995,7 @@ index 0a6c4310a..dab669a32 100644 stigid@sle15: SLES-15-030040 stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index 90c7bf27f..7ba76f5d3 100644 +index 5a62a050c..db6ddd67c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -57,7 +57,7 @@ references: @@ -2515,10 +2008,10 @@ index 90c7bf27f..7ba76f5d3 100644 stigid@sle15: SLES-15-030030 stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index 88018f880..d78f395c4 100644 +index adb4bfb33..c452fa1cc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030870 stigid@ol8: OL08-00-030150 @@ -2528,7 +2021,7 @@ index 88018f880..d78f395c4 100644 stigid@sle15: SLES-15-030000 stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index 8898621ec..ca021d148 100644 +index 10c1feb90..66a67c858 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -56,7 +56,7 @@ references: @@ -2653,7 +2146,7 @@ index ec17adf55..0ecb4079c 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml -index 3b26e99e8..dc322358e 100644 +index b648f54cc..87157586f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml 
+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml @@ -36,7 +36,7 @@ references: @@ -2678,7 +2171,7 @@ index 09d4e8ff5..6a8e8bdab 100644 groupadd group_test diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml -index 0452f5531..b09620116 100644 +index de4d603cd..a76d9c19b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml @@ -32,7 +32,7 @@ references: @@ -2914,7 +2407,7 @@ index 0b42da512..013401d8c 100644 if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml -index bb6c258e5..121bec237 100644 +index 19e01c03a..9588a89c8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml @@ -50,7 +50,7 @@ references: @@ -2971,22 +2464,22 @@ index 003e3330f..368540adc 100644 source common_0600.sh diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -index 1e0529f08..9ed9948a4 100644 +index 083f32d74..655635941 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -index f17751e98..df9a32a67 100644 +index e5743cfad..b60215a3e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_audispd_remote_server") }}} 
@@ -3015,10 +2508,10 @@ index 0bfa82083..93b11eb05 100644 . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml -index e707bb225..48a7c1446 100644 +index 5f12eb017..73493b7cf 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -48,7 +48,7 @@ references: nist@sle15: AU-4 srg: SRG-OS-000341-GPOS-00132,SRG-OS-000342-GPOS-00133 stigid@ol8: OL08-00-030660 @@ -3028,48 +2521,48 @@ index e707bb225..48a7c1446 100644 stigid@sle15: SLES-15-030660 stigid@ubuntu2004: UBTU-20-010215 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml -index 942cd0f5d..a53df57b1 100644 +index d4ba66ac7..de8c26b9c 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh -index 36e7f8cda..842f3922d 100644 +index 76c1ad183..18a751f06 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_audispd_disk_full_action") }}} 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh -index be3e74b0b..b6f46f51e 100644 +index 5e49158b5..e365ecf5f 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/bash/shared.sh @@ -1,7 +1,7 @@ # platform = multi_platform_all AUDISP_REMOTE_CONFIG="{{{ audisp_conf_path }}}/audisp-remote.conf" --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} +-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}} option="^transport" value="KRB5" {{% else %}} diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml -index e8d055f90..467e50704 100644 +index f5932e35a..b5c0dd6d6 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/oval/shared.xml 
@@ -2,7 +2,7 @@ -- {{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+ {{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} +- {{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}} ++ {{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}} {{{ oval_metadata("transport setting in " + audisp_config_file_path + " is set to 'KRB5'") }}} {{% else %}} {{{ oval_metadata("enable_krb5 setting in " + audisp_config_file_path + " is set to 'yes'") }}} @@ -3077,21 +2570,21 @@ index e8d055f90..467e50704 100644 {{{ audisp_config_file_path }}} --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} +-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}} ^[ ]*transport[ ]+=[ ]+KRB5[ ]*$ {{% else %}} ^[ ]*enable_krb5[ ]+=[ ]+yes[ ]*$ diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml -index a7707339f..f555aebd3 100644 +index a08582b06..f0daf5ff4 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml 
@@ -6,7 +6,7 @@ title: 'Encrypt Audit Records Sent With audispd Plugin' description: |- Configure the operating system to encrypt the transfer of off-loaded audit records onto a different system or media from the system being audited. --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} +-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}} Set the transport option in
{{{ audisp_conf_path }}}/audisp-remote.conf
to KRB5. {{% else %}} @@ -3099,20 +2592,11 @@ index a7707339f..f555aebd3 100644 ocil: |- To verify the audispd plugin encrypts audit records off-loaded onto a different system or media from the system being audited, run the following command: --{{% if product in ["rhel8", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4"] %}} +-{{% if product in ["rhel8", "fedora", "ol8", "rhv4", "sle15"] %}} ++{{% if product in ["rhel8", "almalinux8", "fedora", "ol8", "rhv4", "sle15"] %}}
$ sudo grep -i transport {{{ audisp_conf_path }}}/audisp-remote.conf
The output should return the following:
transport = KRB5
-@@ -55,7 +55,7 @@ ocil: |- - - fixtext: |- - Configure {{{ full_name }}} to encrypt audit records sent with audispd plugin. --{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}} -+{{% if product in ["rhel8", "almalinux8", "rhel9", "fedora", "ol8", "rhv4"] %}} - Set the "transport" option in "{{{ audisp_conf_path }}}/audisp-remote.conf" to "KRB5". - {{% else %}} - Uncomment the "enable_krb5" option in "{{{ audisp_conf_path }}}/audisp-remote.conf", diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh index 1ee02140b..711b6593d 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/tests/transport_bogus_value.fail.sh @@ -3162,44 +2646,44 @@ index 864e97b31..8c16af8f9 100644 . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml -index 71fc81683..835402712 100644 +index d238e7277..cbeae4d55 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml 
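Review bot: The `fixtext` hunk (`@@ -55,7 +55,7 @@ ocil: |-`) for auditd_audispd_encrypt_sent_records/rule.yml is dropped here, while the description and ocil hunks of the same file still add `"almalinux8"` to the `transport = KRB5` branch. If upstream still keeps a product-conditional `fixtext` (not visible on this page), almalinux8 would fall into the `enable_krb5` branch there. The remediation text would then contradict the check and the OVAL pattern for the same rule. Confirm the upstream conditional is gone; otherwise keep the hunk, rebased onto the current product list.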
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh -index d1a513600..8ca091bea 100644 +index 90f6fbc93..d64b401df 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_audispd_network_failure_action") }}} 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh -index d244d4bd0..ec516de8a 100644 +index 28d00f26e..bf391529f 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh -index af96da871..3bcbba05c 100644 +index fea488a3e..62a08e1c7 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment @@ -3315,22 +2799,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml -index 0adf2b538..376952524 100644 +index 4205bb067..d7a1a4d8b 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -index ce4f4d029..6ab8e06dd 100644 +index 698076ac8..e59677252 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}} @@ -3346,10 +2830,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -index 5b13ec280..a62237d57 100644 +index e595e81c2..ee1b38b6e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: nist@sle12: AU-5(b),AU-5.1(iv) srg: SRG-OS-000047-GPOS-00023 stigid@ol8: OL08-00-030060 @@ -3390,30 +2874,30 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml -index b82e6d174..717e52b99 100644 +index bcb4b0de9..2f6e309d3 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh -index dfb8d3035..28e3fd6c9 100644 +index 06d79abb6..258378a89 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}} diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -index 5128e09d4..84b464d65 100644 +index 516591612..7ecb7908e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134 stigid@ol7: OL07-00-030350 stigid@ol8: OL08-00-030020 @@ -3702,22 +3186,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -index ec0ed4850..3c3b130e8 100644 +index bf6dec7e1..5ab7ec344 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml 
+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -index b6e0267bb..990063e2f 100644 +index e6a508f32..4be7f5b35 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu {{{ bash_instantiate_variables("var_auditd_space_left_action") }}} @@ -3733,10 +3217,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -index 6c4fdb098..155953ecc 100644 +index 1956706cf..cfb908562 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000343-GPOS-00134 stigid@ol7: OL07-00-030340 stigid@ol8: OL08-00-030731 @@ -3746,10 +3230,10 @@ index 6c4fdb098..155953ecc 100644 stigid@ubuntu2204: UBTU-22-653040 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml -index ffc0c9517..38df99ed4 100644 +index a7c0963ac..71fd60240 100644 
--- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -37,7 +37,7 @@ references: srg: SRG-OS-000343-GPOS-00134 stigid@ol7: OL07-00-030330 stigid@ol8: OL08-00-030730 @@ -3781,11 +3265,11 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml -index 8bc73ade9..82f2216f2 100644 +index 8aabe5ca5..47fad3734 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/rule.yml -@@ -25,7 +25,7 @@ references: - ospp: FAU_GEN.1 +@@ -24,7 +24,7 @@ references: + nist: CM-6 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030061 - stigid@rhel8: RHEL-08-030061 @@ -3805,7 +3289,7 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml -index 8779786ae..940b84fce 100644 +index 1e4489ec6..9efec94dd 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/rule.yml @@ -26,7 +26,7 @@ references: @@ -3849,7 +3333,7 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml -index 34ae82604..5b5ec9e8c 100644 +index 3adb155e4..6ffb0c791 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/rule.yml @@ -29,7 +29,7 @@ references: @@ -3919,7 +3403,7 @@ index bcafc35b8..1579dc90f 100644 {{% else %}} The setting for remote_server in /etc/audisp/audisp-remote.conf diff --git a/linux_os/guide/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_argument/rule.yml -index f9fc50331..5bb9a30f0 100644 +index c299d690b..16d97a7b3 100644 --- a/linux_os/guide/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_argument/rule.yml @@ -44,7 +44,7 @@ references: @@ -3931,18 +3415,6 @@ index f9fc50331..5bb9a30f0 100644 stigid@ubuntu2004: UBTU-20-010198 stigid@ubuntu2204: UBTU-22-212015 -diff --git a/linux_os/guide/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh -index 4a03a2117..365d018a2 100644 ---- a/linux_os/guide/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh -+++ b/linux_os/guide/auditing/grub2_audit_argument/tests/blank_grubenv_rhel8.fail.sh -@@ -1,6 +1,6 @@ - #!/bin/bash - --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - # remediation = none - - # Removes audit argument from kernel command line in /boot/grub2/grubenv diff --git a/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh index 065c1d459..75db9892c 100644 --- a/linux_os/guide/auditing/grub2_audit_argument/tests/double_value_rhel8.fail.sh 
@@ -3950,23 +3422,12 @@ index 065c1d459..75db9892c 100644 @@ -1,5 +1,5 @@ #!/bin/bash -# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 - - # Break the audit argument in kernel command line in /boot/grub2/grubenv - file="/boot/grub2/grubenv" -diff --git a/linux_os/guide/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh b/linux_os/guide/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh -index 35034f242..3f1e63b11 100644 ---- a/linux_os/guide/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh -+++ b/linux_os/guide/auditing/grub2_audit_argument/tests/wrong_value_rhel8.fail.sh -@@ -1,5 +1,5 @@ - #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 # Break the audit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml -index 29a93e614..2bd9a8a2b 100644 +index 29aa7f9ad..ce9b67832 100644 --- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml @@ -34,7 +34,7 @@ references: @@ -4000,10 +3461,10 @@ index f93dc5644..1fa37409f 100644 # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml -index 7f037efd2..8fe49fdaa 100644 +index 466f246e1..e2d0c9a57 100644 --- a/linux_os/guide/auditing/package_audit_installed/rule.yml 
+++ b/linux_os/guide/auditing/package_audit_installed/rule.yml -@@ -30,7 +30,7 @@ references: +@@ -31,7 +31,7 @@ references: pcidss: Req-10.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220 stigid@ol8: OL08-00-030180 @@ -4310,10 +3771,10 @@ index 89d6152dc..7afbf02b7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml -index 56b90f8f0..9542d894f 100644 +index 855978657..1aa6504c6 100644 --- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml 
+++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220,SRG-APP-000095-CTR-000170,SRG-APP-000409-CTR-000990,SRG-APP-000508-CTR-001300,SRG-APP-000510-CTR-001310 stigid@ol7: OL07-00-030000 stigid@ol8: OL08-00-030181 @@ -4345,10 +3806,10 @@ index 1f6a233ed..9f3a4d6b4 100644 kdump --disable diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -index ce249cb7d..cd0d86747 100644 +index 6ac54b57b..bb599fdaa 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml +++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: srg: SRG-OS-000269-GPOS-00103,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021300 stigid@ol8: OL08-00-010670 
@@ -4357,6 +3818,16 @@ index ce249cb7d..cd0d86747 100644 stigid@sle12: SLES-12-010840 stigid@sle15: SLES-15-040190 stigid@ubuntu2004: UBTU-20-010413 +diff --git a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml +index 7977cba9f..2f6eb4edf 100644 +--- a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml ++++ b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml +@@ -1,4 +1,4 @@ +-{{% if product in ["rhel8", "rhel9", "rhel10"] %}} ++{{% if product in ["rhel8", "almalinux8", "rhel9", "rhel10"] %}} + {{% set service_name = "crond" %}} + {{% else %}} + {{% set service_name = "cron" %}} diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml index 67fc86c42..a397633e8 100644 --- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml @@ -4389,7 +3860,7 @@ index 67fc86c42..a397633e8 100644 Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all". diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -index c4bc733f3..dd89d6caa 100644 +index 5b602d196..83f10383e 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml @@ -23,7 +23,7 @@ references: @@ -4402,7 +3873,7 @@ index c4bc733f3..dd89d6caa 100644 ocil_clause: 'the fapolicyd package is not installed' diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml -index 51f4cfcbb..c94658ebc 100644 +index d1b5254d2..828ac2fd7 100644 --- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml 
+++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml @@ -25,7 +25,7 @@ references: @@ -4415,7 +3886,7 @@ index 51f4cfcbb..c94658ebc 100644 ocil_clause: 'the service is not enabled' diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -index dcf957497..4c54d5ab0 100644 +index d811d3f56..11c584793 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml @@ -34,7 +34,7 @@ references: @@ -4428,11 +3899,11 @@ index dcf957497..4c54d5ab0 100644 stigid@sle15: SLES-15-010030 diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -index 34d5d9759..f2016c15b 100644 +index 181c6b3b0..375c03301 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -@@ -27,7 +27,7 @@ references: - ospp: FTP_ITC_EXT.1 +@@ -26,7 +26,7 @@ references: + ism: 0418,1055,1402 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010161 - stigid@rhel8: RHEL-08-010161 @@ -4477,12 +3948,12 @@ index ac5972341..4328c61b2 100644 stigid@sle15: SLES-15-010418 diff --git a/linux_os/guide/services/mail/package_postfix_installed/rule.yml b/linux_os/guide/services/mail/package_postfix_installed/rule.yml -index a2b8325d2..1b7a24e1f 100644 +index 6ba5bd00e..e0188820d 100644 --- a/linux_os/guide/services/mail/package_postfix_installed/rule.yml +++ b/linux_os/guide/services/mail/package_postfix_installed/rule.yml -@@ -18,7 +18,7 @@ identifiers: - +@@ -19,7 +19,7 @@ identifiers: references: + disa: CCI-000139 srg: SRG-OS-000046-GPOS-00022 - stigid@rhel8: RHEL-08-030030 + stigid@almalinux8: RHEL-08-030030 
@@ -4490,7 +3961,7 @@ index a2b8325d2..1b7a24e1f 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml -index 178cb7b93..6c80c4a5f 100644 +index 8b23a9474..87280428f 100644 --- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml +++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml @@ -33,7 +33,7 @@ references: @@ -4503,27 +3974,27 @@ index 178cb7b93..6c80c4a5f 100644 {{{ complete_ocil_entry_package(package="sendmail") }}} diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml -index 3a86771d6..bacfaa7d0 100644 +index a0330236a..89efc61e4 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh -index 743d47775..54354e10c 100644 +index 001ead7d6..1fc220d8a 100644 
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}} diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml -index f061c1927..a5ca57fa4 100644 +index 6b5349b41..1873724cd 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias_postmaster/rule.yml @@ -30,7 +30,7 @@ references: @@ -4536,7 +4007,7 @@ index f061c1927..a5ca57fa4 100644 ocil_clause: 'the alias is not set or is not root' diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -index c5e7ae18c..1ab2a0a40 100644 +index ef8290b59..ad730ee5c 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml @@ -1,4 +1,4 @@ 
@@ -4556,10 +4027,10 @@ index befe1acf3..e36b1fd3e 100644 {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -index 4448f6d88..969407453 100644 +index b66afbaae..b0dab5753 100644 --- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml +++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml -@@ -25,7 +25,7 @@ references: +@@ -26,7 +26,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040680 stigid@ol8: OL08-00-040290 @@ -4582,10 +4053,10 @@ index eaee5b233..41c58ffc4 100644 ocil_clause: 'the setting does not show' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -index 5054035ec..735d56fbd 100644 +index 6673f2b5b..abeb64446 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml -@@ -32,7 +32,7 @@ references: +@@ -33,7 +33,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021021 stigid@ol8: OL08-00-010630 @@ -4595,10 +4066,10 @@ index 5054035ec..735d56fbd 100644 stigid@sle15: SLES-15-040170 
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -index e8d7cab78..1b34a7379 100644 +index 11ef40a64..ddc51b730 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml -@@ -30,7 +30,7 @@ references: +@@ -31,7 +31,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021020 stigid@ol8: OL08-00-010650 
@@ -4607,6 +4078,30 @@ index e8d7cab78..1b34a7379 100644 stigid@sle12: SLES-12-010810 stigid@sle15: SLES-15-040160 +diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh +index 4963780f8..c3bc5b0de 100644 +--- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh ++++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux + + {{{ bash_package_remove("ntp") }}} + +diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh +index fdfe38968..92a468e1e 100644 +--- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh ++++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + # packages = chrony +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux + + {{{ bash_package_remove("ntp") }}} + diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh index 524cdc7d0..2678708d2 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh @@ -4629,10 +4124,10 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -index b73d6a474..bfcb14917 100644 +index 815a75520..8a917babb 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml 
+++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -@@ -29,7 +29,7 @@ references: +@@ -28,7 +28,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030741 @@ -4663,11 +4158,11 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -index 7d5329a12..484eefc13 100644 +index 5dd6dcdd9..5c94f9f9d 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -@@ -28,7 +28,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -26,7 +26,7 @@ references: + nist: CM-7(1) srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030742 - stigid@rhel8: RHEL-08-030742 @@ -4687,10 +4182,10 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -index 4b8a1300c..ec1bf619b 100644 +index 33ac6c19a..b3de88fff 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml -@@ -92,7 +92,7 @@ references: +@@ -93,7 +93,7 @@ references: srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 stigid@ol7: OL07-00-040500 stigid@ol8: OL08-00-030740 @@ -4844,11 +4339,11 @@ index 69908e41f..0c506bca3 100644 diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml -index 968c37293..5de7345c9 100644 +index 353812b08..2eb12a06e 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml 
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/rule.yml -@@ -24,7 +24,7 @@ references: - disa: CCI-001891 +@@ -25,7 +25,7 @@ references: + disa: CCI-001890,CCI-004926,CCI-004923 srg: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144,SRG-OS-000359-GPOS-00146 stigid@ol8: OL08-00-030740 - stigid@rhel8: RHEL-08-030740 @@ -4929,10 +4424,10 @@ index ec9e58c75..1a31ccf74 100644 sed -i "^pool.*" {{{ chrony_conf_path }}} echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml -index 23df1616d..add13e340 100644 +index 516a57a68..1b36373e5 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -37,7 +37,7 @@ references: nist: CM-6(a),AU-8(1)(a) pcidss: Req-10.4.3 srg: SRG-OS-000355-GPOS-00143 @@ -5054,10 +4549,10 @@ index 722c975d6..e171b138c 100644 - general: The
ntp
package is not available in {{{ full_name }}}. Please diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -index b4965fe11..7bb563ffd 100644 +index 8ea49101f..7d4e47fb9 100644 --- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml -@@ -28,7 +28,7 @@ references: +@@ -29,7 +29,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040550 stigid@ol8: OL08-00-010460 @@ -5087,10 +4582,10 @@ index e64838b15..baaa07631 100644 find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -index fd5d72b87..9a50e22fa 100644 +index e6cce8607..cb93701a4 100644 --- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml -@@ -31,7 +31,7 @@ references: +@@ -32,7 +32,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040540 stigid@ol8: OL08-00-010470 @@ -5174,7 +4669,7 @@ index 263d036f9..63cfe4fcb 100644 stigid@sle15: SLES-15-010180 diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index fbf4fbc68..d64cb8f7e 100644 +index 72e6a5780..dbd1dbd76 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -35,7 +35,7 @@ references: @@ -5240,11 +4735,11 @@ index 8b3864392..0c9ad8711 100644 server_args = -s {{{ xccdf_value("var_tftpd_secure_directory") }}} 
diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml -index 143711727..1a2aed1b3 100644 +index df5f18c3b..d4339ebfd 100644 --- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml +++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml -@@ -24,7 +24,7 @@ references: - ospp: FCS_RBG_EXT.1 +@@ -23,7 +23,7 @@ references: + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010473 - stigid@rhel8: RHEL-08-010471 @@ -5445,10 +4940,10 @@ index 16878dc1d..6c3983a9d 100644 test_user="cac_testuser" useradd $test_user diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -index 73b388b2a..cd2506965 100644 +index 7469527d6..e83611da2 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040420 stigid@ol8: OL08-00-010490 @@ -5491,10 +4986,10 @@ index 48ecfbcac..c5a05db8b 100644 FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) chown root:ssh_keys "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -index 05baa40f9..c4c3bb400 100644 +index 6b70b8e5c..ba1394e94 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -37,7 +37,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040410 stigid@ol8: OL08-00-010480 @@ -5504,10 +4999,10 @@ index 05baa40f9..c4c3bb400 100644 stigid@sle15: SLES-15-040240 
diff --git a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml -index 9ccb296ef..59f43cac1 100644 +index 27e2fe7ba..5cfd5d9c9 100644 --- a/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml +++ b/linux_os/guide/services/ssh/package_openssh-server_installed/rule.yml -@@ -30,7 +30,7 @@ references: +@@ -31,7 +31,7 @@ references: srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190 stigid@ol7: OL07-00-040300 stigid@ol8: OL08-00-040159 @@ -5517,10 +5012,10 @@ index 9ccb296ef..59f43cac1 100644 stigid@ubuntu2204: UBTU-22-255010 diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -index d035c6c4c..5a8136f5f 100644 +index a8774a1b5..a2c9081ba 100644 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -40,7 +40,7 @@ references: srg: SRG-OS-000423-GPOS-00187,SRG-OS-000424-GPOS-00188,SRG-OS-000425-GPOS-00189,SRG-OS-000426-GPOS-00190 stigid@ol7: OL07-00-040310 stigid@ol8: OL08-00-040160 @@ -5570,11 +5065,11 @@ index 13306db45..7a5ca21fc 100644 # put line into the file echo "export SSH_USE_STRONG_RNG=32" > /etc/profile.d/cc-ssh-strong-rng.sh diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml -index 2b759401c..c522d36a4 100644 +index 022d46803..1c9c8880b 100644 --- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml +++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml -@@ -25,7 +25,7 @@ identifiers: - references: +@@ -26,7 +26,7 @@ references: + disa: CCI-000186 srg: SRG-OS-000067-GPOS-00035 stigid@ol8: OL08-00-010100 - stigid@rhel8: RHEL-08-010100 
@@ -5593,48 +5088,8 @@ index 5a97f74df..104b27f3f 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml -index 39102e5d7..2dcfeeb0f 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh -index ba5987621..d972650ea 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv - - - {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^Protocol', '2', '%s %s') }}} -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml -index f8d422c6c..aafcd046f 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = 
multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh -index c7212d5b8..dc1e8c4b9 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle - - {{{ bash_instantiate_variables("var_sshd_disable_compression") }}} - {{{ bash_sshd_remediation("Compression", "$var_sshd_disable_compression") }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -index 9094310a0..2124c1afa 100644 +index 8f9ec93a5..4137c8051 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml @@ -52,7 +52,7 @@ references: @@ -5647,7 +5102,7 @@ index 9094310a0..2124c1afa 100644 stigid@sle15: SLES-15-040440 stigid@ubuntu2004: UBTU-20-010047 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml -index 42f75821e..6f1d30d06 100644 +index 45010c036..2aca7eeb8 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml 
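Review bot: The refreshed patch no longer adds `multi_platform_almalinux` to the `# platform =` header of the `sshd_allow_only_protocol2` and `sshd_disable_compression` remediations (ansible/shared.yml and bash/shared.sh) dropped in this hunk, and nothing visible here says whether upstream deleted those files or still ships them with an explicit platform list. The same applies to the sections dropped in later hunks for `sshd_disable_rhosts_rsa`, `sshd_set_idle_timeout`, `sshd_set_keepalive`, `sshd_set_max_auth_tries` and the `sshd_set_max_sessions` tests. If any of those files survive upstream without AlmaLinux in the list, the AlmaLinux 8 content presumably still evaluates the rule but ships no remediation for it, which would be a silent hardening regression. A check worth running on the patched tree is `grep -rl 'platform = .*multi_platform_rhel' linux_os | xargs grep -L multi_platform_almalinux`, and the commit message should say why these sections were dropped.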
@@ -42,7 +42,7 @@ references: @@ -5660,7 +5115,7 @@ index 42f75821e..6f1d30d06 100644 {{{ complete_ocil_entry_sshd_option(default="yes", option="GSSAPIAuthentication", value="no") }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml -index 166cdd190..500bb8cae 100644 +index baa1a8c31..9591371cc 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml @@ -43,7 +43,7 @@ references: 
@@ -5672,28 +5127,8 @@ index 166cdd190..500bb8cae 100644 {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}} -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml -index 228a1166a..6ba91af43 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh -index 5a1ec5cf7..d240b4711 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv - - - {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^RhostsRSAAuthentication', 'no', '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -index 112b45b7c..73116eec7 100644 +index 9a07f75ee..9a2244fbb 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml @@ -49,7 +49,7 @@ references: 
@@ -5706,10 +5141,10 @@ index 112b45b7c..73116eec7 100644 stigid@sle15: SLES-15-020040 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml -index 842073fa5..40440bb3d 100644 +index 362fe2673..a091f8c9b 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml -@@ -40,7 +40,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040380 stigid@ol8: OL08-00-010520 @@ -5719,7 +5154,7 @@ index 842073fa5..40440bb3d 100644 stigid@sle15: SLES-15-040230 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -index ef31be0ac..31cdbb1a1 100644 +index f520fbad5..63e00a574 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml @@ -43,7 +43,7 @@ references: @@ -5732,7 +5167,7 @@ index ef31be0ac..31cdbb1a1 100644 stigid@ubuntu2004: UBTU-20-010048 stigid@ubuntu2204: UBTU-22-255040 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -index 2094afabd..226133e04 100644 +index 8c524bdcd..4da257f8e 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml @@ -47,7 +47,7 @@ references: @@ -5745,7 +5180,7 @@ index 2094afabd..226133e04 100644 stigid@sle15: SLES-15-040440 stigid@ubuntu2004: UBTU-20-010047 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml -index 51a2f96e1..7eaff8f48 100644 +index 3320ebf99..15111b069 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml @@ -43,7 +43,7 @@ references: @@ -5758,7 +5193,7 @@ index 51a2f96e1..7eaff8f48 100644 stigid@sle15: SLES-15-040260 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -index 47695299d..8efc21e5c 100644 +index 6888999e6..ee6da669f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml @@ -45,7 +45,7 @@ references: @@ -5771,7 +5206,7 @@ index 47695299d..8efc21e5c 100644 stigid@sle15: SLES-15-010040 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml -index da7d9fc43..73b6b2e41 100644 +index ef2ba3929..c0cbe8629 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_print_last_log/rule.yml @@ -38,7 +38,7 @@ references: @@ -5784,7 +5219,7 @@ index da7d9fc43..73b6b2e41 100644 stigid@sle15: SLES-15-020120 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml -index f08076e5c..e25da5d46 100644 +index 897603d8f..8d4d45030 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/rule.yml @@ -28,7 +28,7 @@ references: 
@@ -5806,21 +5241,11 @@ index a31a14f8a..08ad17d7b 100644 # profiles = xccdf_org.ssgproject.content_profile_ospp mkdir -p /etc/ssh/sshd_config.d -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml -index 5b54ab892..4213bc152 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -index 35c431ad3..d01d5d6ad 100644 +index 696e203cd..854132594 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000126-GPOS-00066,SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109,SRG-OS-000395-GPOS-00175 stigid@ol7: OL07-00-040320 stigid@ol8: OL08-00-010201 
@@ -5829,31 +5254,11 @@ index 35c431ad3..d01d5d6ad 100644 stigid@sle12: SLES-12-030190 stigid@sle15: SLES-15-010280 stigid@ubuntu2004: UBTU-20-010037 -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml -index be6b3672f..869beb409 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh -index e777ce8fe..588ca64d7 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian - - {{{ bash_instantiate_variables("var_sshd_set_keepalive") }}} - diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -index 351c76ae8..ee6f75ad3 100644 +index 75789bf3b..1c230359d 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -52,7 +52,7 @@ references: pcidss: Req-8.1.8 srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109 stigid@ol8: OL08-00-010200 
@@ -5862,63 +5267,22 @@ index 351c76ae8..ee6f75ad3 100644 stigid@sle12: SLES-12-030191 stigid@sle15: SLES-15-010320 stigid@ubuntu2004: UBTU-20-010036 -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml -index a7a2ed3d6..f4ba85ff9 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle - # reboot = false - # strategy = restrict - # complexity = low -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh -index 2920273f9..32fba975e 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu - - {{{ bash_instantiate_variables("sshd_max_auth_tries_value") }}} - -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh -index 4cc6d6598..5e911b469 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh -+++ 
b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/correct_value.pass.sh -@@ -1,5 +1,5 @@ - # profiles = xccdf_org.ssgproject.content_profile_cis --# platform = Red Hat Enterprise Linux 8 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 - - #!/bin/bash - SSHD_CONFIG="/etc/ssh/sshd_config" -diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh -index fcdb800c2..77c3e82da 100644 ---- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh -+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh -@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel, multi_platform_fedora -+# platform = multi_platform_rhel,multi_platform_almalinux, multi_platform_fedora - - #!/bin/bash - SSHD_CONFIG="/etc/ssh/sshd_config" diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh -index 1d6e73048..03439603e 100644 +index e38b6bf60..4658991c3 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro if grep -q "^Ciphers" /etc/ssh/sshd_config; then sed -i "s/^Ciphers.*/Ciphers aes192-ctr,aes128-ctr/" /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml -index db81f3db9..0c946dcbe 100644 +index bfd521ac1..97642c41c 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000250-GPOS-00093 stigid@ol7: OL07-00-040712 stigid@ol8: OL08-00-040342 @@ -5928,46 +5292,46 @@ index db81f3db9..0c946dcbe 100644 stigid@sle15: SLES-15-040450 stigid@ubuntu2004: UBTU-20-010045 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -index 4319832c0..313cc1c9d 100644 +index 925d9862f..d3146b477 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -index 5e7246205..6de325120 100644 +index a2af968bb..34dc5eae4 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -index dfe21de81..9ec1188e8 100644 +index b99287bd4..49cfc66c0 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -index 63774b1e3..780664422 100644 +index 0dc5ce52d..2e01aa869 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh @@ -5983,34 +5347,34 @@ index 3fd2901a9..2e3d34fef 100644 source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -index a9ddcf7c1..e696c5c82 100644 +index d0fdba3e0..562580591 100644 
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh @@ -1,4 +1,4 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -index 682758a9d..7f2f9144a 100644 +index 46040718a..82010363d 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -index 4cac68a12..e329787c3 100644 +index 15cf3f7fa..be91dfca7 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu source common.sh @@ -6033,13 +5397,13 @@ index b903a7a08..cd6f95db4 100644 {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh -index 17ff9f0aa..f2ba6a570 100644 +index e0a7f0ac5..20fbef899 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro if grep -q "^MACs" /etc/ssh/sshd_config; then sed -i "s/^MACs.*/MACs hmac-sha2-512/" /etc/ssh/sshd_config @@ -6082,11 +5446,11 @@ index 5a98fc0eb..846cdd444 100644 sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml -index f138fc68b..5f328fec6 100644 +index 20d36dd38..5f1cc3ab5 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml -@@ -30,7 +30,7 @@ references: - ospp: FCS_RBG_EXT.1.2 +@@ -29,7 +29,7 @@ references: + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00232,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010292 - stigid@rhel8: RHEL-08-010292 @@ -6095,7 +5459,7 @@ index f138fc68b..5f328fec6 100644 ocil: |- To determine whether the SSH service is configured to use strong entropy seed, diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml -index da0460ad1..294438ecb 100644 +index 6fb515baf..62d97825a 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml @@ -37,7 +37,7 @@ references: @@ -6187,7 +5551,7 @@ index a7e449e52..84da3094e 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml -index 5feb19e49..ea1822713 100644 +index abff8a19d..cb6b4e213 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml @@ -25,7 +25,7 @@ references: @@ -6271,7 +5635,7 @@ index 1cadee2e4..1c1a2507f 100644 comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/smartcard-auth" id="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth" version="2"> diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -index 941d038dc..e2f5b968c 100644 +index e729a6822..9563926af 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml @@ -10,7 +10,7 @@ description: |- @@ -6283,7 +5647,7 @@ index 941d038dc..e2f5b968c 100644 Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include "try_cert_auth" or "require_cert_auth" option, like in the following example:
-@@ -50,7 +50,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      pcidss: Req-8.3
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
      stigid@ol8: OL08-00-020250
@@ -6292,7 +5656,7 @@ index 941d038dc..e2f5b968c 100644
  
  ocil_clause: 'smart cards are not enabled in SSSD'
  
-@@ -60,7 +60,7 @@ ocil: |-
+@@ -58,7 +58,7 @@ ocil: |-
      If configured properly, output should be
      
pam_cert_auth = True
@@ -6301,7 +5665,7 @@ index 941d038dc..e2f5b968c 100644 To verify that smart cards are enabled in PAM files, run the following command:
$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth
If configured properly, output should be -@@ -75,7 +75,7 @@ fixtext: |- +@@ -73,7 +73,7 @@ fixtext: |- pam_cert_auth = True @@ -6419,7 +5783,7 @@ index 43e19d382..2848e2072 100644 SSSD_FILE="/etc/sssd/sssd.conf" rm -f $SSSD_FILE diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml -index 16cd92a94..93339d95d 100644 +index ceeecb8cb..09ff7a09b 100644 --- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml +++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml @@ -37,7 +37,7 @@ references: @@ -6432,22 +5796,22 @@ index 16cd92a94..93339d95d 100644 warnings: - general: |- diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml -index efd5408e4..8e7ade7bc 100644 +index 0817b532e..f27acd4e2 100644 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh -index e7d5d3916..ed768f876 100644 +index 6a8a81817..2f380920e 100644 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh 
+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro {{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}} @@ -6474,7 +5838,7 @@ index 89bba2055..e5967d9dd 100644 comment="tests the value of cache_credentials setting in the /etc/sssd/sssd.conf file" id="test_sssd_cache_credentials" version="1"> diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml -index c7a0a5cf8..8c6d9f519 100644 +index dfa576a1c..311e0cafa 100644 --- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml +++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml @@ -5,7 +5,7 @@ title: 'Configure SSSD to Expire Offline Credentials' @@ -6486,7 +5850,7 @@ index c7a0a5cf8..8c6d9f519 100644 Check if SSSD allows cached authentications with the following command:
      $ sudo grep cache_credentials /etc/sssd/sssd.conf
-@@ -46,7 +46,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      nist-csf: PR.AC-1,PR.AC-6,PR.AC-7
      srg: SRG-OS-000383-GPOS-00166
      stigid@ol8: OL08-00-020290
@@ -6495,7 +5859,7 @@ index c7a0a5cf8..8c6d9f519 100644
      stigid@sle12: SLES-12-010680
      stigid@sle15: SLES-15-010500
      stigid@ubuntu2004: UBTU-20-010441
-@@ -55,7 +55,7 @@ references:
+@@ -54,7 +54,7 @@ references:
  ocil_clause: 'it does not exist or is not configured properly'
  
  ocil: |-
@@ -6557,7 +5921,7 @@ index 331627492..72a361b30 100644
 +# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
  {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
-index 808ca346e..2af1a8914 100644
+index c1e549877..611b62e64 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -6581,7 +5945,7 @@ index 9f18591b3..b49d5217a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 7d0af5820..a0a5a5a6d 100644
+index 2e8ab4691..d1078274f 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 @@ -49,7 +49,7 @@ references:
@@ -6605,7 +5969,7 @@ index e9c55dfb0..9be805c13 100644
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
-index d23e80bd1..81f932796 100644
+index e8112110a..b42279c97 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
 @@ -26,7 +26,7 @@ references:
@@ -6649,11 +6013,11 @@ index 88d55f160..f2f336700 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-index 60cd9f630..f426a3721 100644
+index c5d5738db..f1010c040 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
-@@ -26,7 +26,7 @@ references:
-     ospp: FMT_SMF_EXT.1
+@@ -25,7 +25,7 @@ references:
+     nist: CM-8(3)(a),IA-3
      srg: SRG-OS-000378-GPOS-00163
      stigid@ol8: OL08-00-040140
 -    stigid@rhel8: RHEL-08-040140
@@ -6662,20 +6026,20 @@ index 60cd9f630..f426a3721 100644
  ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
-index d07c9a840..5bf0d23b7 100644
+index 6980dd0e2..20c40703e 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,Oracle Linux 7,Oracle Linux 8
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Oracle Linux 7,Oracle Linux 8
+-# platform = Red Hat Enterprise Linux 8,multi_platform_ol
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index 2933a2e88..0c90f1d58 100644
+index fc227651b..e3c893048 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040730
      stigid@ol8: OL08-00-040320
@@ -6685,7 +6049,7 @@ index 2933a2e88..0c90f1d58 100644
  ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index 8500723f5..e8642432a 100644
+index bb4f6cd93..1251a07c6 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 @@ -37,7 +37,7 @@ references:
@@ -6738,22 +6102,22 @@ index d3da2f113..a90d73d4b 100644
  
  ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
-index 1dea09b2f..cbc23c694 100644
+index 58d38f9a2..4eea80461 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
-index 63ceaaf88..e50ada3e4 100644
+index bfa9ddc92..cd29e3739 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("login_banner_text") }}}
  
@@ -6769,7 +6133,7 @@ index c2feb1fbc..116c6cde5 100644
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index e9ed3cabd..a79ec2cd1 100644
+index f26873ada..f9eab4878 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 @@ -120,7 +120,7 @@ references:
@@ -6812,10 +6176,10 @@ index 5814a30bd..aa4aa4c5c 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-index 4f7473139..418541379 100644
+index a1f30e5c3..62a7e0658 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
-@@ -54,7 +54,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010030
      stigid@ol8: OL08-00-010049
@@ -6835,10 +6199,10 @@ index 86aff54f9..b295782b0 100644
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-index 1fe60ed14..1d1a3c8f4 100644
+index 6be15fae6..afe502fd9 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
-@@ -58,7 +58,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010040
      stigid@ol8: OL08-00-010050
@@ -6892,7 +6256,7 @@ index e1abf408e..ea28b1697 100644
  # packages = dconf,gdm
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
-index 19b311979..d9f6b7ec9 100644
+index b789b906e..18feffa3d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/disallow_bypass_password_sudo/rule.yml
 @@ -29,7 +29,7 @@ references:
@@ -6905,30 +6269,30 @@ index 19b311979..d9f6b7ec9 100644
      stigid@sle15: SLES-15-020104
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-index 428fbd7fa..390b6513d 100644
+index ad3b44290..562d3b354 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,Red Hat Virtualization 4
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Red Hat Virtualization 4
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-index badc79bff..f6c602159 100644
+index 891d516d5..ff2f7b63b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+-# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
  
- {{%- if "sle" in product or "ubuntu" in product %}}
+ {{%- if "sle" in product or "slmicro" in product or "ubuntu" in product %}}
  {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-index ea6e1c5da..edb41d6cc 100644
+index 60b2ae3a3..9d9f27880 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
-@@ -53,7 +53,7 @@ references:
+@@ -54,7 +54,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040530
      stigid@ol8: OL08-00-020340
@@ -6974,7 +6338,7 @@ index 325d5860a..09df07cce 100644
  if authselect list-features sssd | grep -q with-silent-lastlog; then
      authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-index 3b6df64d6..c60568c1a 100644
+index 003dc0beb..fd02163bd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 @@ -1,4 +1,4 @@
@@ -7068,7 +6432,7 @@ index ce36c2d22..ac0d46b24 100644
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
-index 6e453a820..ba836e4ca 100644
+index e46b40d68..77a2a4d91 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
 @@ -23,7 +23,7 @@ references:
@@ -7078,7 +6442,7 @@ index 6e453a820..ba836e4ca 100644
 -    stigid@rhel8: RHEL-08-020027,RHEL-08-020028
 +    stigid@almalinux8: RHEL-08-020027,RHEL-08-020028
  
- platform: machine
+ platform: system_with_kernel
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
 index e9ecd879f..74e4c0b09 100644
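Review bot: In the account_password_selinux_faillock_dir rule.yml section, the carried patch still replaces `stigid@rhel8: RHEL-08-020027,RHEL-08-020028` with the `stigid@almalinux8` key instead of adding a line, so the patched tree loses the RHEL 8 STIG mapping for this rule and nothing records that the AlmaLinux entry reuses RHEL 8 STIG identifiers. Keeping the original line and adding `stigid@almalinux8: RHEL-08-020027,RHEL-08-020028` beneath it would match how `stigid@ol7` and `stigid@ol8` sit side by side elsewhere in this patch, and would preserve RHEL 8 traceability if rhel8 content is ever built from the same sources (whether it is cannot be seen from here). The same substitution appears in the two accounts_password_pam_pwhistory_remember_* rule.yml hunks that follow (RHEL-08-020220 and RHEL-08-020221). This refresh itself only updates the index hashes and the `platform: system_with_kernel` context line, and the references block of rule.yml continues outside the hunk.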
@@ -7146,13 +6510,13 @@ index 365006509..2a10d041b 100644
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-index e8eacb114..74e200d0a 100644
+index fb7bc6dd7..a35c2c411 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-@@ -55,7 +55,7 @@ references:
+@@ -54,7 +54,7 @@ references:
+     nist@sle15: IA-5(1)(e),IA-5(1).1(v)
      pcidss: Req-8.2.5
      srg: SRG-OS-000077-GPOS-00045
-     stigid@ol7: OL07-00-010270
 -    stigid@rhel8: RHEL-08-020220
 +    stigid@almalinux8: RHEL-08-020220
  
@@ -7287,13 +6651,13 @@ index a55f86dc3..5506f8c40 100644
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-index c64543a1e..7c9f9b69d 100644
+index 8ad3e9c5d..36690b5fa 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-@@ -55,7 +55,7 @@ references:
+@@ -54,7 +54,7 @@ references:
+     nist@sle15: IA-5(1)(e),IA-5(1).1(v)
      pcidss: Req-8.2.5
      srg: SRG-OS-000077-GPOS-00045
-     stigid@ol7: OL07-00-010270
 -    stigid@rhel8: RHEL-08-020221
 +    stigid@almalinux8: RHEL-08-020221
  
@@ -7608,7 +6972,7 @@ index 5bbbc464e..15a644bba 100644
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index c4a8018cf..d5ae08b5f 100644
+index f18c0a14f..6861469b3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 @@ -49,7 +49,7 @@ references:
@@ -7746,10 +7110,10 @@ index 09d8aeee0..72b3aeacb 100644
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-index ca67b9679..50e85c9c8 100644
+index 002a81b2f..3e374d471 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      srg: SRG-OS-000329-GPOS-00128,SRG-OS-000021-GPOS-00005
      stigid@ol7: OL07-00-010330
      stigid@ol8: OL08-00-020022,OL08-00-020023
@@ -7818,7 +7182,7 @@ index 7c702d669..06c0d31e2 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
-index 9aaf8c8f9..85a8472c8 100644
+index 586a32611..98880bb53 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
 @@ -34,7 +34,7 @@ references:
@@ -7935,7 +7299,7 @@ index 053f91100..04f362717 100644
  
  # This test scenario manually modify the pam_faillock.so entries in auth section from
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
-index 842f95dde..c0449e65a 100644
+index bea8688ac..c51ab4edf 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
 @@ -45,7 +45,7 @@ references:
@@ -8125,7 +7489,7 @@ index 514b2bb37..79374ea78 100644
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
-index 5f6bb4d18..f231b3934 100644
+index e52bd8b76..517b16e01 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
 @@ -50,7 +50,7 @@ references:
@@ -8243,7 +7607,7 @@ index a57645eb1..a7e7b8e9c 100644
  
  authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
-index c22c16632..d210c2880 100644
+index 567144b30..b7a49ab06 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 @@ -48,7 +48,7 @@ references:
@@ -8256,12 +7620,12 @@ index c22c16632..d210c2880 100644
      stigid@ubuntu2204: UBTU-22-611020
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
-index 7c97ee468..76157bb12 100644
+index c4c55f3e1..5a6e73f66 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
 @@ -30,7 +30,7 @@ references:
      nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
-     srg: SRG-OS-000480-GPOS-00225
+     srg: SRG-OS-000480-GPOS-00225,SRG-OS-000072-GPOS-00040
      stigid@ol8: OL08-00-020300
 -    stigid@rhel8: RHEL-08-020300
 +    stigid@almalinux8: RHEL-08-020300
@@ -8269,7 +7633,7 @@ index 7c97ee468..76157bb12 100644
      stigid@ubuntu2204: UBTU-22-611030
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
-index ab6492ce6..09281c741 100644
+index b63e93fc0..371477acc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
 @@ -46,7 +46,7 @@ references:
@@ -8282,7 +7646,7 @@ index ab6492ce6..09281c741 100644
      stigid@ubuntu2204: UBTU-22-611040
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
-index 0f42b1c95..71e113867 100644
+index 0c3e42332..ab86031c9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
 @@ -48,7 +48,7 @@ references:
@@ -8295,11 +7659,11 @@ index 0f42b1c95..71e113867 100644
      stigid@ubuntu2204: UBTU-22-611015
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
-index 59b15a147..9b63b75a9 100644
+index b8eed2243..e246512fb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
 @@ -38,7 +38,7 @@ references:
-     srg: SRG-OS-000072-GPOS-00040
+     srg: SRG-OS-000072-GPOS-00040,SRG-OS-000730-GPOS-00190
      stigid@ol7: OL07-00-010190
      stigid@ol8: OL08-00-020140
 -    stigid@rhel8: RHEL-08-020140
@@ -8308,7 +7672,7 @@ index 59b15a147..9b63b75a9 100644
  ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index 7599f9c0f..3ea3ff501 100644
+index 2e3c33f22..7742a233c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 @@ -40,7 +40,7 @@ references:
@@ -8321,7 +7685,7 @@ index 7599f9c0f..3ea3ff501 100644
  ocil_clause: the value of "maxrepeat" is set to more than "{{{ xccdf_value("var_password_pam_maxrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
-index 0c4c9137d..9906702a9 100644
+index 4905d163d..46efc5f68 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
 @@ -55,7 +55,7 @@ references:
@@ -8334,7 +7698,7 @@ index 0c4c9137d..9906702a9 100644
  ocil_clause: the value of "minclass" is set to less than "{{{ xccdf_value("var_password_pam_minclass") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
-index ab1564fd2..a62763085 100644
+index 3d4440cda..8bb8c77e6 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
 @@ -48,7 +48,7 @@ references:
@@ -8347,7 +7711,7 @@ index ab1564fd2..a62763085 100644
      stigid@ubuntu2204: UBTU-22-611035
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
-index acaa4ac60..232916720 100644
+index 84ee603a8..813faf411 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
 @@ -49,7 +49,7 @@ references:
@@ -8379,11 +7743,11 @@ index a55859203..377efc82e 100644
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index f9fd284af..662836e6d 100644
+index 482760bcc..996b89192 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
 @@ -24,7 +24,7 @@ references:
-     disa: CCI-000366
+     disa: CCI-004066
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000070-GPOS-00038,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020100
 -    stigid@rhel8: RHEL-08-020100
@@ -8554,10 +7918,10 @@ index 25a0da980..bf2a98da4 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index f6d54fe05..1e7744694 100644
+index 6e25f2948..716c7d6cf 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      srg: SRG-OS-000069-GPOS-00037,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-010119
      stigid@ol8: OL08-00-020102,OL08-00-020103,OL08-00-020104
@@ -8638,7 +8002,7 @@ index ea2eb57fe..033bbbceb 100644
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
-index 40dc3a655..c69351c96 100644
+index fa55c67d0..aa1626c3c 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
 @@ -45,7 +45,7 @@ references:
@@ -8671,20 +8035,20 @@ index f6b461789..fb6d88e37 100644
  {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
  LIBUSER_CONF="/etc/libuser.conf"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-index 8dedf993c..51c76b11a 100644
+index e0b6d68db..5ec6c69bb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index 521ead63a..f12e7fa47 100644
+index fc5064a28..3f367461f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041
      stigid@ol7: OL07-00-010210
      stigid@ol8: OL08-00-010110
@@ -8714,7 +8078,7 @@ index 3b4602f2c..89cf6b6c5 100644
  {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
  PAM_FILE_PATH="/etc/pam.d/password-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index c83e27507..9648a2400 100644
+index 13da3921f..a3f780057 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 @@ -50,7 +50,7 @@ references:
@@ -8799,10 +8163,10 @@ index 98aff168e..ce8da6ac3 100644
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-index 446d1abb3..c14755b3d 100644
+index eb1843292..a7c95046e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-@@ -64,7 +64,7 @@ references:
+@@ -65,7 +65,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol7: OL07-00-010200
      stigid@ol8: OL08-00-010159
@@ -8884,10 +8248,10 @@ index d0413404b..3ec30f45b 100644
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-index 7923dd7a7..fd54527bd 100644
+index 556bee4c1..8a5f82244 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist@sle12: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010130
@@ -8908,7 +8272,7 @@ index 3045574e5..7ce6bb466 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index 558523055..751d68c8d 100644
+index 7e9a58560..6cdeb9586 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 @@ -71,7 +71,7 @@ references:
@@ -8932,10 +8296,10 @@ index 517c83c6e..041e9a29c 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-index 7ab3a0ed0..df7bdbfe9 100644
+index ae3a3ab28..1449c55de 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
-@@ -75,7 +75,7 @@ references:
+@@ -76,7 +76,7 @@ references:
      srg: SRG-OS-000324-GPOS-00125,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020230
      stigid@ol8: OL08-00-040170
@@ -8966,10 +8330,10 @@ index 41eed9737..992dc2304 100644
  
  systemctl unmask ctrl-alt-del.target
 diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-index 38e49c15d..41bd95b7d 100644
+index 6dc5eae7e..fbf4edf7b 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      pcidss: Req-8.1.8
      srg: SRG-OS-000163-GPOS-00072
      stigid@ol8: OL08-00-020035
@@ -8978,59 +8342,11 @@ index 38e49c15d..41bd95b7d 100644
  
  ocil_clause: "the option is not configured"
  
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
-index a3490a60d..b0c3f31d6 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
-@@ -18,7 +18,7 @@
-       create: yes
-       dest: /usr/lib/systemd/system/emergency.service
-       regexp: "^#?ExecStart="
--      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] -%}}
-+      {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] -%}}
-       line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency"
-       {{%- else -%}}
-       line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
-index 2a65ef992..319be43db 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
-@@ -7,7 +7,7 @@ service_dropin_file="${service_dropin_cfg_dir}/10-oscap.conf"
- service_file="/usr/lib/systemd/system/emergency.service"
- {{% endif %}}
- 
--{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
- sulogin="/usr/lib/systemd/systemd-sulogin-shell emergency"
- {{%- else -%}}
- sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
-index 90ef51b2a..cf288e66b 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
-@@ -24,7 +24,7 @@
-   
-   
-   
-     /usr/lib/systemd/system/emergency.service
--    {{%- if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+    {{%- if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
-     ^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency
-     {{%- else -%}}
-     ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index 102fa944f..377b4867e 100644
+index 1517b25f8..096e09800 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010152
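Review bot: The refreshed patch no longer carries the `almalinux8` additions for require_emergency_target_auth in ansible/shared.yml, bash/shared.sh and oval/shared.xml (the three file sections removed in this hunk), while the rule.yml section further down still adds `"almalinux8"` to the fixtext product list. If the rebased upstream templates still choose the ExecStart line from a product list, AlmaLinux 8 would fall into the `else` branch. The OVAL check and both remediations would then expect the `/bin/sh -c "/sbin/sulogin; ..."` form rather than `systemd-sulogin-shell emergency`, so the scan result and the documented fix would disagree. Please confirm that the new upstream condition no longer names products; if it still does, keep the addition, e.g. `{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] -%}}`. The same removal appears for require_singleuser_auth later in the patch, and since the upstream files are not visible here this is inferred from the dropped hunks only.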
@@ -9039,7 +8355,7 @@ index 102fa944f..377b4867e 100644
  
  ocil_clause: 'the output is different'
  
-@@ -51,7 +51,7 @@ ocil: |-
+@@ -50,7 +50,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service
The output should be similar to the following, and the line must begin with @@ -9048,12 +8364,12 @@ index 102fa944f..377b4867e 100644 ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}} -@@ -79,7 +79,7 @@ fixtext: |- +@@ -78,7 +78,7 @@ fixtext: |- Configure {{{ full_name }}} to require authentication for system emergency mode. Add or edit the following line in "/usr/lib/systemd/system/emergency.service": -- {{% if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} +- {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}} ++ {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency {{%- else -%}} ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default" @@ -9068,6 +8384,17 @@ index bce932b72..e446c7836 100644 service_file="/usr/lib/systemd/system/emergency.service" sulogin="/usr/lib/systemd/systemd-sulogin-shell" +diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh +index 73d2f3ad0..d5c7db6ab 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + rm -f /etc/systemd/system/emergency.service + mkdir -p /etc/systemd/system/emergency.service.d/ + cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf 
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh index d9fdc678f..a4f6ea6a9 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh 
@@ -9079,43 +8406,19 @@ index d9fdc678f..a4f6ea6a9 100644 service_file="/usr/lib/systemd/system/emergency.service" sulogin="/bin/bash" -diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml -index 94e34a0f8..72e109390 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml -@@ -9,7 +9,7 @@ - create: yes - dest: /usr/lib/systemd/system/rescue.service - regexp: "^#?ExecStart=" -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} - line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue" - {{%- else -%}} - line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"' -diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml -index 62fd1a76a..bb8a6b6a7 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml -+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml -@@ -14,7 +14,7 @@ - - - - /usr/lib/systemd/system/rescue.service -- {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4", "sle12", "sle15"] -%}} -+ {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhcos4", "sle12", "sle15"] -%}} - ^ExecStart=\-.*/usr/lib/systemd/systemd-sulogin-shell[ ]+rescue - {{%- else -%}} - ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\" +diff --git 
a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh +index 4545cf49f..520cd2af5 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle + rm -f /etc/systemd/system/emergency.service + mkdir -p /etc/systemd/system/emergency.service.d/ + cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml -index ac4b5a733..c53b14de8 100644 +index 90c48074e..8a677d311 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml @@ -45,7 +45,7 @@ references: @@ -9127,35 +8430,28 @@ index ac4b5a733..c53b14de8 100644 ocil_clause: 'the output is different' -@@ -54,7 +54,7 @@ ocil: |- - To check if authentication is required for single-user mode, run the following command: -
$ grep sulogin /usr/lib/systemd/system/rescue.service
- The output should be similar to the following, and the line must begin with -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhcos4"] -%}} - ExecStart and /usr/lib/systemd/systemd-sulogin-shell. -
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
- {{%- else -%}} -@@ -84,7 +84,7 @@ fixtext: |- - Configure {{{ full_name }}} to require authentication in single user mode. - - Add or update the following line in "/usr/lib/systemd/system/rescue.service": -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}} - ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue - {{%- else -%}} - ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default" -diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh -index fd13fbd1c..18d27a02a 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh -+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh +diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh +index 3cf97a457..7f9b4043f 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora -+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora - - service_file="/usr/lib/systemd/system/rescue.service" - sulogin="/usr/lib/systemd/systemd-sulogin-shell" +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + rm -rf /etc/systemd/system/rescue.service.d + mkdir -p /etc/systemd/system/rescue.service.d + cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf +diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh +index 0bb3ce9ff..d9865e063 100644 +--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh ++++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh +@@ -1,5 +1,5 @@ + #!/bin/bash +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + rm -rf /etc/systemd/system/rescue.service.d + mkdir -p /etc/systemd/system/rescue.service.d + cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh index 63b9b08b5..15abe6cec 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh 
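Review bot: AlmaLinux 8 may lose the `systemd-sulogin-shell` wording in the OCIL and fixtext of require_singleuser_auth, because the refreshed patch no longer carries the two rule.yml inner hunks (`@@ -54,7 +54,7 @@ ocil` and `@@ -84,7 +84,7 @@ fixtext`) that added `"almalinux8"` to the product lists. Nothing visible here shows whether the new upstream base still branches on `product`; if it does, the rendered text would fall through to the `else` branch (`ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"`), and the documented check and fix for single-user authentication would no longer match the RHEL 8 wording. In that case the patch should keep a line such as `{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "rhcos4"] -%}}` on the new side. The same hunk drops the `correct_value.pass.sh` platform change and adds `multi_platform_almalinux` only to the two drop-in tests, so it is worth confirming that the value-based pass test still selects AlmaLinux 8 on the new base.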
@@ -9187,19 +8483,6 @@ index f47326940..42d591752 100644 # reboot = false # strategy = configure # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml -index 066a8b09a..b4b449e95 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/rule.yml -@@ -27,7 +27,7 @@ references: - disa: CCI-000056,CCI-000058 - srg: SRG-OS-000031-GPOS-00012,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 - stigid@ol8: OL08-00-020041 -- stigid@rhel8: RHEL-08-020041 -+ stigid@almalinux8: RHEL-08-020041 - - platform: package[tmux] - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml index dc63eb653..dc6931307 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml 
@@ -9210,32 +8493,6 @@ index dc63eb653..dc6931307 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -index b30afaa15..6f953f354 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml -@@ -25,7 +25,7 @@ references: - ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 - srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 - stigid@ol8: OL08-00-020070 -- stigid@rhel8: RHEL-08-020070 -+ stigid@almalinux8: RHEL-08-020070 - - platform: package[tmux] - -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -index 07fdebf9c..aafd8cb71 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml -@@ -30,7 +30,7 @@ references: - ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 - srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 - stigid@ol8: OL08-00-020040 -- stigid@rhel8: RHEL-08-020040 -+ stigid@almalinux8: RHEL-08-020040 - - platform: package[tmux] - 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh index ddfb97fa4..5213cdee6 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/tests/correct.pass.sh @@ -9288,19 +8545,6 @@ index acd297d55..d8dc1cd00 100644 +# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora echo 'set -g lock-command locker' >> '/etc/tmux.conf' -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml -index a40f5a680..f95ca1496 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/rule.yml -@@ -27,7 +27,7 @@ references: - disa: CCI-000056 - srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 - stigid@ol8: OL08-00-020040 -- stigid@rhel8: RHEL-08-020040 -+ stigid@almalinux8: RHEL-08-020040 - - platform: package[tmux] - diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh index 0b31379f0..778d63d74 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh 
@@ -9367,32 +8611,6 @@ index 6b2d6cd5e..c20712c9f 100644 apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -index 66c59681c..945638c7e 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml -@@ -26,7 +26,7 @@ references: - ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 - srg: SRG-OS-000324-GPOS-00125,SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 - stigid@ol8: OL08-00-020042 -- stigid@rhel8: RHEL-08-020042 -+ stigid@almalinux8: RHEL-08-020042 - - ocil_clause: 'tmux is listed in /etc/shells' - -diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -index b17c66f0c..df5c0d0f3 100644 ---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml -@@ -42,7 +42,7 @@ references: - ospp: FMT_SMF_EXT.1,FMT_MOF_EXT.1,FTA_SSL.1 - srg: SRG-OS-000030-GPOS-00011,SRG-OS-000028-GPOS-00009 - stigid@ol8: OL08-00-020039 -- stigid@rhel8: RHEL-08-020039 -+ stigid@almalinux8: RHEL-08-020039 - - ocil_clause: 'the package is not installed' - 
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml index 1a9d35f69..9a5753d98 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/ansible/shared.yml @@ -9404,10 +8622,10 @@ index 1a9d35f69..9a5753d98 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -index 7d96e885d..de1df4f6a 100644 +index 7f094490a..01acc6117 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000105-GPOS-00052,SRG-OS-000375-GPOS-00160,SRG-OS-000375-GPOS-00161,SRG-OS-000377-GPOS-00162 stigid@ol7: OL07-00-041001 stigid@ol8: OL08-00-010390 @@ -9417,7 +8635,7 @@ index 7d96e885d..de1df4f6a 100644 stigid@sle15: SLES-15-010460 stigid@ubuntu2004: UBTU-20-010063 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml -index 5320652a3..a655e7084 100644 +index 7ee9a73fd..ae05d045b 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml 
@@ -35,7 +35,7 @@ references: @@ -9430,22 +8648,22 @@ index 5320652a3..a655e7084 100644 stigid@ubuntu2204: UBTU-22-612015 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml -index 18231e23a..c986f5c73 100644 +index 08b89bf8f..cea27ab4d 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh -index a22adcde9..7a3410e98 100644 +index 2efee65ed..6521bf37c 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_sle,multi_platform_slmicro {{{ bash_package_install("pam_pkcs11") }}} @@ -9483,7 +8701,7 @@ index c0cc3c94f..6db041b04 100644 if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml -index b9bdfde66..4836098db 100644 +index ee3d8e635..d4a3a520e 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml @@ -36,7 +36,7 @@ references: @@ -9496,30 +8714,30 @@ index b9bdfde66..4836098db 100644 ocil_clause: |- {{{ ocil_clause_service_disabled(service="debug-shell") }}} diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml -index 74598bc7e..680caf4ba 100644 +index 84f13bfea..709b9e923 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh -index f299285d4..52e841b61 100644 +index 77aa71dd9..b3bfff528 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}} 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml -index 6ea41b0ff..0405948cd 100644 +index 3cbd74e9b..d37ae427e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000118-GPOS-00060 stigid@ol7: OL07-00-010310 stigid@ol8: OL08-00-020260 @@ -9529,10 +8747,10 @@ index 6ea41b0ff..0405948cd 100644 stigid@sle15: SLES-15-020050 stigid@ubuntu2004: UBTU-20-010409 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -index 47180dd05..7968aa26b 100644 +index 96ae3e33c..6b1558013 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: srg: SRG-OS-000123-GPOS-00064,SRG-OS-000002-GPOS-00002 stigid@ol7: OL07-00-010271 stigid@ol8: OL08-00-020000,OL08-00-020270 @@ -9542,10 +8760,10 @@ index 47180dd05..7968aa26b 100644 stigid@sle15: SLES-15-020061 stigid@ubuntu2004: UBTU-20-010000 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -index 8c2eab459..8a70486c5 100644 +index e22349631..65f1921fc 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -@@ -26,7 +26,7 @@ references: +@@ -27,7 +27,7 @@ references: pcidss: Req-8.1.1 srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062 stigid@ol8: OL08-00-020240 @@ -9555,10 +8773,10 @@ index 8c2eab459..8a70486c5 100644 stigid@sle15: SLES-15-010230 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml -index 552586cb5..653a36dab 100644 +index de8bfee0f..08390822e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020270 stigid@ol8: OL08-00-020320 @@ -9579,20 +8797,20 @@ index aa147fdce..bb8288f5b 100644 var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$" diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml -index 1e571bcbf..7901ceae0 100644 +index c4c2f7ba0..e03ccee7a 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -index 1ce9ffa5e..c8c54c494 100644 +index 4fd6b372e..04ec89cdc 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000076-GPOS-00044 stigid@ol7: OL07-00-010250 stigid@ol8: OL08-00-020200 @@ -9602,20 +8820,20 @@ index 1ce9ffa5e..c8c54c494 100644 stigid@sle15: SLES-15-020220 stigid@ubuntu2004: UBTU-20-010008 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml -index 0c81c0ee5..29f31c654 100644 +index 6e22e90d7..bfd7508ad 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -index d556150e6..58a89def2 100644 +index 84fd51d36..b441ebabd 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -51,7 +51,7 @@ references: srg: SRG-OS-000075-GPOS-00043 stigid@ol7: OL07-00-010230 stigid@ol8: OL08-00-020190 @@ -9645,7 +8863,7 @@ index dcc5de3f1..268aafbab 100644 {{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}} {{{ bash_replace_or_append('/etc/login.defs', '^PASS_MIN_LEN', "$var_accounts_password_minlen_login_defs", '%s %s') }}} 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml -index cba84fad4..744edffa8 100644 +index 2abaa2581..71f3d6a22 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml @@ -46,7 +46,7 @@ references: @@ -9721,30 +8939,30 @@ index 3772aee13..4dfc4668b 100644 sed -i "/^PASS_MIN_LEN.*/d" /etc/login.defs diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml -index dc843c19c..1290f8d43 100644 +index 18974ea6c..d72de8a97 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ol ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ol # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh -index 8ff7cba19..14ece5d17 100644 +index 7d6bc11f9..0a8561b81 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml -index 5295dd631..9966b78dd 100644 +index 70b804ce8..85fc554e8 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -35,7 +35,7 @@ references: srg: SRG-OS-000076-GPOS-00044 stigid@ol7: OL07-00-010260 stigid@ol8: OL08-00-020210 @@ -9774,10 +8992,10 @@ index 7bdb759f6..dd157f1e3 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml -index b48710adf..f6a442629 100644 +index 43567e343..53e3edb44 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml -@@ -35,7 +35,7 @@ references: +@@ -36,7 +36,7 @@ references: srg: SRG-OS-000075-GPOS-00043 stigid@ol7: OL07-00-010240 stigid@ol8: OL08-00-020180 @@ -9797,10 +9015,10 @@ index 4994ff315..e8469b8e9 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml -index e2d0cf92d..a0fca7b34 100644 +index b3ce8eb55..351a32e8a 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1 srg: SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010120 
@@ -10004,12 +9222,12 @@ index 117a42585..b41d01a89 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh -index 9878acd1a..65218e2fe 100644 +index 889998309..05177f1a1 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = configure # complexity = low @@ -10025,10 +9243,10 @@ index ad3133b1f..eac1b843a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -index 146d59838..b7163d610 100644 +index a4f085ec0..96b1dc896 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010290 stigid@ol8: OL08-00-020331,OL08-00-020332 @@ -10074,10 +9292,10 @@ index 9dc5d7677..a16c83995 100644 SYSTEM_AUTH_FILE="/etc/pam.d/system-auth" diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml -index 1a64a9d56..7906b8c99 100644 +index 55c7149f5..861c85d5f 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010291 stigid@ol8: OL08-00-010121 @@ -10087,10 +9305,10 @@ index 1a64a9d56..7906b8c99 100644 stigid@sle15: SLES-15-020181 stigid@ubuntu2004: UBTU-20-010462 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -index 6459341c4..8145effaa 100644 +index 3147b3e0d..bb5952a84 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -51,7 +51,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020310 stigid@ol8: OL08-00-040200 @@ -10191,10 +9409,10 @@ index d16374ffd..1ae066fd9 100644 PAM_CONF=/etc/pam.d/su 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml -index 6da117a36..0181266d6 100644 +index 1c0e2ca28..54ebaf547 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020610 stigid@ol8: OL08-00-010760 @@ -10237,30 +9455,30 @@ index 0b8be731c..03bb75239 100644 ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml -index 536ac2956..d1bff5ffa 100644 +index 88758d295..f0c54f4c3 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh -index 0005b2ccb..0329d6cdf 100644 +index 3415b164a..97ac5e4d9 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}} diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml -index 1f5f6c917..ffa4e6452 100644 +index 477afdbe7..1ccd6d5c0 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000027-GPOS-00008 stigid@ol7: OL07-00-040000 stigid@ol8: OL08-00-020024 @@ -10270,7 +9488,7 @@ index 1f5f6c917..ffa4e6452 100644 stigid@sle15: SLES-15-020020 stigid@ubuntu2004: UBTU-20-010400 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml -index 3f080376a..6295c853e 100644 +index d3798de62..19761e09d 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -10280,7 +9498,7 @@ index 3f080376a..6295c853e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml -index 9ca521640..5c961399e 100644 +index da628bc5e..90f23cb90 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -10290,10 +9508,10 @@ index 9ca521640..5c961399e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml -index 8065f0085..1f16d2909 100644 +index ebab6010f..edb1e218c 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml -@@ -32,7 +32,7 @@ references: +@@ -33,7 +33,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020730 stigid@ol8: OL08-00-010660 @@ -10303,10 +9521,10 @@ index 8065f0085..1f16d2909 100644 stigid@sle15: SLES-15-040130 
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml -index 6d4ef3b0e..0f3906eef 100644 +index a59cb8c08..efdacd07b 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml -@@ -33,7 +33,7 @@ references: +@@ -34,7 +34,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020720 stigid@ol8: OL08-00-010690 @@ -10316,10 +9534,10 @@ index 6d4ef3b0e..0f3906eef 100644 stigid@sle15: SLES-15-040120 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml -index dd739297e..1b2367cb0 100644 +index 4cc4bd31d..ab4719ded 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010720 @@ -10329,10 +9547,10 @@ index dd739297e..1b2367cb0 100644 stigid@sle15: SLES-15-040070 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -index 4fbbcb182..1325dd4de 100644 +index a05675fbf..50f9b67d6 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml 
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -35,7 +35,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020620 stigid@ol8: OL08-00-010750 @@ -10368,10 +9586,10 @@ index 72dd0b8c0..e62e9203c 100644 ocil_clause: 'home directory files or folders have incorrect permissions' diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml -index 04bdb64a9..07506d0e4 100644 +index efd83d032..4043bc31e 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020650 stigid@ol8: OL08-00-010740 @@ -10381,10 +9599,10 @@ index 04bdb64a9..07506d0e4 100644 stigid@sle15: SLES-15-040100 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml -index bcc5e2689..7f71fecff 100644 +index 0fc7f9aa2..a3b478785 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml -@@ -27,7 +27,7 @@ references: +@@ -28,7 +28,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020710 stigid@ol8: OL08-00-010770 @@ -10394,10 +9612,10 @@ index bcc5e2689..7f71fecff 100644 stigid@sle15: SLES-15-040110 
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml -index 570cc8b87..f0d64f938 100644 +index 40ab5475c..e1f07da16 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml -@@ -24,7 +24,7 @@ identifiers: +@@ -25,7 +25,7 @@ identifiers: references: disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 @@ -10407,10 +9625,10 @@ index 570cc8b87..f0d64f938 100644 ocil_clause: 'they are not 0740 or more permissive' diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml -index 035a9df85..86475b578 100644 +index e3df0021c..fddf0065c 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml -@@ -31,7 +31,7 @@ references: +@@ -32,7 +32,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020630 stigid@ol8: OL08-00-010730 @@ -10430,7 +9648,7 @@ index 5bfb963a1..77807dbfb 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml -index e744bbb7c..b8261a7ed 100644 +index f94449e09..7d5abcfb3 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml @@ -45,7 +45,7 @@ references: 
@@ -10490,10 +9708,10 @@ index 04f6247a8..bd02cb830 100644 sed -i '/umask/d' /etc/csh.cshrc echo "umask 077" >> /etc/csh.cshrc diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -index cd4197a0a..92148bf89 100644 +index ba0eed42e..893d1ca2d 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: srg: SRG-OS-000480-GPOS-00228 stigid@ol7: OL07-00-020240 stigid@ol8: OL08-00-020351 @@ -10536,7 +9754,7 @@ index ec59ac915..3e5470b1e 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml -index 92a399ce2..cd13fbe27 100644 +index 37ff12a68..c0a98aefb 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml @@ -27,7 +27,7 @@ references: @@ -10657,7 +9875,7 @@ index c4213caf8..c422634f2 100644 # Break the argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml -index 94c2f2efc..4f74d05ea 100644 +index eeaf319fa..852899a14 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml @@ -27,7 +27,7 @@ references: 
@@ -10670,7 +9888,7 @@ index 94c2f2efc..4f74d05ea 100644 ocil_clause: 'Kernel page-table isolation is not enabled' diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml -index 5d9d6817a..dfd66ec6a 100644 +index 3e1e837c8..574a211f4 100644 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml @@ -26,7 +26,7 @@ references: @@ -10683,10 +9901,10 @@ index 5d9d6817a..dfd66ec6a 100644 ocil_clause: 'vsyscalls are enabled' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml -index a78a799a6..9aa035c0a 100644 +index c476ddec3..5fc8e5710 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010483 stigid@ol8: OL08-00-010149 @@ -10709,7 +9927,7 @@ index f5b957e88..b678a4e70 100644 {{% else %}} diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml -index ed27a3ad2..a6e140f28 100644 +index c58c5f226..efdc99949 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml @@ -64,7 +64,7 @@ references: @@ -10722,10 +9940,10 @@ index ed27a3ad2..a6e140f28 100644 stigid@sle15: SLES-15-010190 stigid@ubuntu2004: UBTU-20-010009 
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml -index ed93df342..a2293d64d 100644 +index bd64b621f..8eb16f129 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml -@@ -48,7 +48,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010492 stigid@ol8: OL08-00-010141 @@ -10735,10 +9953,10 @@ index ed93df342..a2293d64d 100644 ocil_clause: 'superuser account is not set or is set to an existing name or to a common name' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -index 10596e191..c355a8aa2 100644 +index e4978316b..28c0c13fa 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -@@ -65,7 +65,7 @@ references: +@@ -66,7 +66,7 @@ references: srg: SRG-OS-000080-GPOS-00048 stigid@ol7: OL07-00-010491 stigid@ol8: OL08-00-010140 @@ -10933,7 +10151,7 @@ index 0c2febb03..556ea474a 100644 # Make sure boot loader entries doesn't contain systemd.debug-shell sed -Ei 's/(^options.*)\s\bsystemd.debug-shell\b\S*(.*?)$/\1\2/' /boot/loader/entries/* diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh -index 773f88904..6060189e7 100644 +index 8fa32223f..89e411a7f 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh @@ -1,4 +1,4 @@ 
@@ -10943,10 +10161,10 @@ index 773f88904..6060189e7 100644 if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then mkdir -p /etc/rsyslog.d diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml -index 30dfad231..4db948049 100644 +index 3be9ad9b1..3e3d91f5d 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021100 stigid@ol8: OL08-00-030010 @@ -11015,10 +10233,10 @@ index 7b9dcc0be..20aa3afaf 100644 ocil_clause: 'rsyslogd DefaultNetstreamDriver not set to gtls' diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml -index 98805b202..2e51e5dac 100644 +index c1f2165a1..d92008f40 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml -@@ -32,7 +32,7 @@ references: +@@ -35,7 +35,7 @@ references: nist: AC-17(1) srg: SRG-OS-000032-GPOS-00013 stigid@ol8: OL08-00-010070 @@ -11118,11 +10336,11 @@ index ef3415b6a..6eebe43b9 100644 - general: The Systemd unit logrotate.timer does not exist in diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml -index 2a7c9362e..2458a4fff 100644 +index 14abf739b..f41d894f3 100644 
--- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml -@@ -29,7 +29,7 @@ references: - ospp: FTP_ITC_EXT.1.1 +@@ -28,7 +28,7 @@ references: + disa: CCI-000366,CCI-000803 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-030680 - stigid@rhel8: RHEL-08-030680 @@ -11131,11 +10349,11 @@ index 2a7c9362e..2458a4fff 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml -index c22c37e06..718a62c43 100644 +index 54fe1e568..fd6124899 100644 --- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml +++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml -@@ -34,7 +34,7 @@ references: - ospp: FTP_ITC_EXT.1.1 +@@ -33,7 +33,7 @@ references: + nist-csf: PR.PT-1 srg: SRG-OS-000479-GPOS-00224,SRG-OS-000051-GPOS-00024,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-030670 - stigid@rhel8: RHEL-08-030670 @@ -11164,10 +10382,10 @@ index f2019bb9a..a12ceb5c1 100644 {{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}} diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml -index 76e17dc16..11d1121d8 100644 +index 58909be6e..9cf411641 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -61,7 +61,7 @@ references: srg: SRG-OS-000479-GPOS-00224,SRG-OS-000480-GPOS-00227,SRG-OS-000342-GPOS-00133 stigid@ol7: OL07-00-031000 stigid@ol8: OL08-00-030690 @@ -11197,7 +10415,7 @@ index ee1cbf7ea..eb4e5adc4 100644 # strategy = configure # complexity = low 
diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml -index 0f87bcf0c..af3bd7a50 100644 +index 5a6036bac..706df5c2d 100644 --- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml +++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml @@ -35,7 +35,7 @@ references: @@ -11223,7 +10441,7 @@ index c18b89c9e..88fda59ab 100644 ocil_clause: 'the "nftables" is not set as the "firewallbackend"' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml -index 8974459d0..a0a938558 100644 +index 13ab76040..8d2769fd4 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml @@ -35,7 +35,7 @@ references: @@ -11236,10 +10454,10 @@ index 8974459d0..a0a938558 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml -index 399f868b4..3beb6a4c9 100644 +index d52baffd9..22a7cf53e 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml -@@ -40,7 +40,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232 stigid@ol7: OL07-00-040520 stigid@ol8: OL08-00-040101 
@@ -11272,7 +10490,7 @@ index b136bce25..922e1aa46 100644 # strategy = configure # complexity = low diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml -index 1a748d99d..a070bb03f 100644 +index 9c8e18823..b4fd81cf7 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml @@ -24,7 +24,7 @@ references: @@ -11285,11 +10503,11 @@ index 1a748d99d..a070bb03f 100644 ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"' diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml -index e0776d260..ad5525593 100644 +index 0ea52afd9..658214d09 100644 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml -@@ -43,7 +43,7 @@ references: - ospp: FMT_MOF_EXT.1 +@@ -42,7 +42,7 @@ references: + nist-csf: PR.IP-1,PR.PT-3 pcidss: Req-1.4 srg: SRG-OS-000480-GPOS-00227 - stigid@rhel8: RHEL-08-040090 @@ -11341,7 +10559,7 @@ index 87306fedb..88e2884bc 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml -index f0c586c65..d85fb6caa 100644 +index b361549d1..f8adf0f64 100644 
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml @@ -33,7 +33,7 @@ references: @@ -11365,10 +10583,10 @@ index 8792fc668..2c7c4b025 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml -index 885dc9186..4888a7777 100644 +index 4e7c5be44..360e86714 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml -@@ -33,7 +33,7 @@ references: +@@ -34,7 +34,7 @@ references: nist-csf: PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040280 @@ -11389,10 +10607,10 @@ index e222b1c88..85b92ce90 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml -index 601cd7507..2bd6792da 100644 +index bab3ff393..e02540987 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040830 stigid@ol8: OL08-00-040240 @@ -11402,10 +10620,10 @@ index 601cd7507..2bd6792da 100644 stigid@sle15: SLES-15-040310 
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml -index 2c6ac8f1f..eb8debc67 100644 +index b9cde5e58..673f81ae8 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -35,7 +35,7 @@ references: nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040260 @@ -11426,7 +10644,7 @@ index 4ed2c480c..f59b6d7c3 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml -index 9b86bfc55..07a8a8676 100644 +index a3164b1b1..f9627f3d4 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml @@ -33,7 +33,7 @@ references: @@ -11450,11 +10668,11 @@ index 845b013ed..063776b85 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml -index 76041ed36..023a72d0e 100644 +index a5b2f2c1a..d8f57c351 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml 
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml -@@ -35,7 +35,7 @@ references: - nist@sle15: CM-6(b),CM-6.1(iv) +@@ -37,7 +37,7 @@ references: + nist@slmicro5: CM-6(b),CM-6.1(iv) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040210 - stigid@rhel8: RHEL-08-040210 @@ -11474,10 +10692,10 @@ index e2951d845..0335df123 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml -index 8103a1625..1f0336e6e 100644 +index c46cdcfea..8a0ae66c3 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: pcidss: Req-1.4.3 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040250 @@ -11540,10 +10758,10 @@ index 6bb6de134..1f0664a02 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -index 8982b97d5..c133d53c1 100644 +index 6367ef8ea..70097d4ef 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040641 stigid@ol8: OL08-00-040279 
@@ -11564,10 +10782,10 @@ index b3d72bb4a..b89b8a35a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -index 45eb5ee6e..98ef362fa 100644 +index 97ceccc1f..065d4b692 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040610 stigid@ol8: OL08-00-040239 @@ -11577,10 +10795,10 @@ index 45eb5ee6e..98ef362fa 100644 stigid@sle15: SLES-15-040300 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml -index 637f5dbf8..e62ee267c 100644 +index f1ed28560..2e9441e35 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml -@@ -21,7 +21,7 @@ references: +@@ -22,7 +22,7 @@ references: nist: CM-6(b) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040259 @@ -11612,7 +10830,7 @@ index c64da37a3..08535e5a1 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml -index abf7b3c11..eb36fd16a 100644 +index 9a76b723e..90dd2f842 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml @@ -40,7 +40,7 @@ references: @@ -11669,10 +10887,10 @@ index 2bfbd9e46..8ea37100a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml -index 2b34aa82a..8365ef464 100644 +index 8f2b53aa8..15f51d661 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040640 stigid@ol8: OL08-00-040209 @@ -11693,10 +10911,10 @@ index aa7d1562b..08668d03c 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -index ae65f4aca..bc5a18ae0 100644 +index bac36aac5..2da73e4ad 100644 
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040620 stigid@ol8: OL08-00-040249 @@ -11796,10 +11014,10 @@ index ea1db12fe..5d8b19f68 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -index dff96b144..147bfeede 100644 +index e0286fee8..279b309fd 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -@@ -41,7 +41,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040660 stigid@ol8: OL08-00-040220 @@ -11820,10 +11038,10 @@ index b54e3d12b..125464d7a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -index 96b82e9e8..7dc15970e 100644 +index 5d3bbd883..3fc2de52c 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml 
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -@@ -41,7 +41,7 @@ references: +@@ -42,7 +42,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040650 stigid@ol8: OL08-00-040270 @@ -11844,11 +11062,11 @@ index 89d344c4f..1a926adaa 100644 tbl_output=$(nft list tables | grep inet) diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml -index 21987566c..6fb0cb792 100644 +index 6e06e0c6d..b228978f3 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml -@@ -27,7 +27,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -26,7 +26,7 @@ references: + nist: AC-18 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040021 - stigid@rhel8: RHEL-08-040021 @@ -11857,7 +11075,7 @@ index 21987566c..6fb0cb792 100644 {{{ complete_ocil_entry_module_disable(module="atm") }}} diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml -index 5725e3096..317bb448e 100644 +index 433d01012..63ad0a2c4 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml @@ -27,7 +27,7 @@ references: @@ -11881,11 +11099,11 @@ index 57cc29270..4b1b2805e 100644 rm -f /etc/modprobe.d/dccp-blacklist.conf echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf 
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml -index a81e78e07..40c1b9635 100644 +index c4b6bb2e8..61804c3ed 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml -@@ -26,7 +26,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -25,7 +25,7 @@ references: + nist: AC-18 srg: SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-040026 - stigid@rhel8: RHEL-08-040026 @@ -11894,7 +11112,7 @@ index a81e78e07..40c1b9635 100644 {{{ complete_ocil_entry_module_disable(module="firewire-core") }}} diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml -index c18e5d498..7a6a1be2b 100644 +index ba4ca0616..d4ef1fc21 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml @@ -42,7 +42,7 @@ references: @@ -11920,7 +11138,7 @@ index 3d0417c01..bbae29491 100644 {{{ complete_ocil_entry_module_disable(module="tipc") }}} diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml -index d3bd05e30..2789d6d14 100644 +index e14d31803..e926995b2 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml @@ -36,7 +36,7 @@ references: 
@@ -11933,10 +11151,10 @@ index d3bd05e30..2789d6d14 100644 {{{ complete_ocil_entry_module_disable(module="bluetooth") }}} diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -index fde40d8eb..63aad58cc 100644 +index 830e35504..f4130dffb 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -63,7 +63,7 @@ references: srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-000481 stigid@ol7: OL07-00-041010 stigid@ol8: OL08-00-040110 @@ -11986,20 +11204,20 @@ index 7e8b5abc0..44ac0069f 100644 +# platform = Red Hat Enterprise Linux 8,AlmaLinux 8 echo "NOZEROCONF=yes" >> /etc/sysconfig/network diff --git a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml -index c2816c906..def011279 100644 +index 045befe2b..cb724a04e 100644 --- a/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml +++ b/linux_os/guide/system/network/network_nmcli_permissions/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_rhv,multi_platform_fedora -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_rhv,multi_platform_fedora +-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 10,multi_platform_ol,multi_platform_rhv,multi_platform_fedora # reboot = false # strategy = restrict # complexity = low 
diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml -index 592b3d110..68e6c6467 100644 +index df4ca9bba..260aba38b 100644 --- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml +++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040670 stigid@ol8: OL08-00-040330 @@ -12009,12 +11227,12 @@ index 592b3d110..68e6c6467 100644 stigid@sle15: SLES-15-040390 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml -index 01b454389..3aa4a9c04 100644 +index de314e8b2..aa32dfeba 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml @@ -25,7 +25,7 @@ identifiers: references: - disa: CCI-000366 + disa: CCI-000366,CCI-001090 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000138-GPOS-00069 - stigid@rhel8: RHEL-08-010700 + stigid@almalinux8: RHEL-08-010700 @@ -12022,30 +11240,30 @@ index 01b454389..3aa4a9c04 100644 ocil_clause: 'there are world-writable directories not owned by root' diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml -index dcb2b99b7..8dbb02940 100644 +index 33caa81c9..df5b4eacb 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel ++# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh -index 91b3495c9..7f3876c49 100644 +index e488cceeb..f36b06f69 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu df --local -P | awk '{if (NR!=1) print $6}' \ | xargs -I '$6' find '$6' -xdev -type d \ \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \ diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -index b19f25b0d..5027ae449 100644 +index 69d08bf04..9b1ef1291 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml 
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -51,7 +51,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000138-GPOS-00069 stigid@ol8: OL08-00-010190 @@ -12055,10 +11273,10 @@ index b19f25b0d..5027ae449 100644 stigid@sle15: SLES-15-010300 stigid@ubuntu2004: UBTU-20-010411 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml -index f40488fb9..6ee044971 100644 +index 7a11abcd6..78cee0a4f 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021030 stigid@ol8: OL08-00-010710 @@ -12094,10 +11312,10 @@ index 4a6b9ceeb..b3eff4127 100644 stigid@ubuntu2204: UBTU-22-653065 diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -index 6b69dff69..498589351 100644 +index 814e0ceb5..2b3500de4 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -48,7 +48,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020330 stigid@ol8: OL08-00-010790 @@ -12107,10 +11325,10 @@ index 6b69dff69..498589351 100644 stigid@sle15: SLES-15-040410 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -index 6d816bdd8..98f852195 100644 +index 14e9efe3e..848445786 100644 
--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020320 stigid@ol8: OL08-00-010780 @@ -12198,10 +11416,10 @@ index cc2286f54..4a77ab174 100644 ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-r-----") }}}' diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml -index bdd0ca354..4e4112fce 100644 +index b06834e4f..fe1277bff 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -40,7 +40,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010351 @@ -12211,10 +11429,10 @@ index bdd0ca354..4e4112fce 100644 stigid@sle15: SLES-15-010356 stigid@ubuntu2004: UBTU-20-010431 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml -index ef4276c7e..b983ef045 100644 +index 3fcdad610..b44ebf7de 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -39,7 +39,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010341 
@@ -12244,10 +11462,10 @@ index 542184ae8..9cdfbf737 100644 DIRS="/lib /lib64" for dirPath in $DIRS; do diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml -index 34ee54835..f60e43dbd 100644 +index f76b5b354..3abf4036c 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: nist: CM-5,CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010331 @@ -12297,30 +11515,30 @@ index ebaf9b766..858020d51 100644 for dirPath in $DIRS; do mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme" diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml -index 8f479451b..21a923e63 100644 +index 8e9fc7b8b..7ce862d34 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh -index b9bbe4dbe..2652ea041 100644 +index 8ecb16700..bad3166e1 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu -+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin do 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml -index 4b23d6aa3..10c90d2cf 100644 +index 11733e096..d8d55c32e 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010320 @@ -12330,30 +11548,30 @@ index 4b23d6aa3..10c90d2cf 100644 stigid@sle15: SLES-15-010361 stigid@ubuntu2004: UBTU-20-010458 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml -index 04178f485..ce116710e 100644 +index bfa87de9e..8e2e64479 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh -index 5471f360f..1a2c2a9fa 100644 +index c01f262cb..2f899a4ae 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro find /bin/ \ /usr/bin/ \ /usr/local/bin/ \ 
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml -index 2cdf2dc8d..079295efe 100644 +index 563c8a91b..82d19056c 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010310 @@ -12363,10 +11581,10 @@ index 2cdf2dc8d..079295efe 100644 stigid@sle15: SLES-15-010359 stigid@ubuntu2004: UBTU-20-010457 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml -index d8fcf8f42..8d9636a3e 100644 +index 2f00b19b3..6d4a7e6b0 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010340 @@ -12416,30 +11634,30 @@ index 3382568ce..b4f4bd0a0 100644 useradd user_test diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml -index aeaa1f058..b69b5cd7a 100644 +index ab6d35c79..f37c06f86 100644 
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = medium diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh -index ab89b277a..f4a7c33a9 100644 +index 6eef84def..984fb7f55 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec" for dirPath in $DIRS; do find "$dirPath" -perm /022 -exec chmod go-w '{}' \; diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml -index a18cdfca4..0c1af6c3c 100644 +index bc98cf038..196623fa3 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010300 @@ -12449,10 +11667,10 @@ index a18cdfca4..0c1af6c3c 100644 stigid@sle15: SLES-15-010358 stigid@ubuntu2004: UBTU-20-010456 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml -index 050ae257c..7d76d20cb 100644 +index 82aad077f..03f3313c2 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml 
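Review bot: The bash remediation carried in this hunk, `find "$dirPath" -perm /022 -exec chmod go-w '{}' \;`, has no file-type test, and the patched `# platform` line ships it for AlmaLinux. On Linux a symbolic link reports mode 0777 and therefore matches `-perm /022`, and chmod acts on the link's target, so the mode change can land on a path outside the seven directories listed in `DIRS`. If the rule is meant to cover only entries that live in those directories, `find "$dirPath" ! -type l -perm /022 -exec chmod go-w '{}' \;` keeps the change inside them. The `for` loop is closed outside the hunk, and the script is upstream content that this patch only relabels, so the fix would belong upstream rather than in this refresh.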
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -45,7 +45,7 @@ references: nist-csf: PR.AC-4,PR.DS-5 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010330 @@ -12462,10 +11680,10 @@ index 050ae257c..7d76d20cb 100644 stigid@sle15: SLES-15-010351 stigid@ubuntu2004: UBTU-20-010426 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml -index 83ababe26..67bd9b891 100644 +index 7dc898b83..285bc507a 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: nist: CM-5(6),CM-5(6).1 srg: SRG-OS-000259-GPOS-00100 stigid@ol8: OL08-00-010350 @@ -12506,7 +11724,7 @@ index b0d594003..4a71eccda 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml -index 3f5cbe148..d99ac1862 100644 +index 52d4fa75d..44ec247a9 100644 --- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/rule.yml @@ -26,7 +26,7 @@ references: @@ -12530,7 +11748,7 @@ index 5ce0decba..b7a4243e4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml -index 69fab52fe..71e292c99 100644 +index a3c4423d3..3570174cd 100644 
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml +++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/rule.yml @@ -28,7 +28,7 @@ references: @@ -12543,7 +11761,7 @@ index 69fab52fe..71e292c99 100644 {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}} diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml -index 975a315f7..ef5e76c3e 100644 +index 4bf7fd182..d1b0cd08e 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml @@ -45,7 +45,7 @@ references: @@ -12556,10 +11774,10 @@ index 975a315f7..ef5e76c3e 100644 {{{ complete_ocil_entry_module_disable(module="cramfs") }}} diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -index baa3776d7..806c544ce 100644 +index 8ace97c1f..69653f45f 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227,SRG-APP-000141-CTR-000315 stigid@ol7: OL07-00-020100 stigid@ol8: OL08-00-040080 @@ -12569,10 +11787,10 @@ index baa3776d7..806c544ce 100644 stigid@sle15: SLES-15-010480 stigid@ubuntu2004: UBTU-20-010461 diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml -index df5a67e58..ad6cb5048 100644 +index d40d550cb..6864e2970 100644 
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -51,7 +51,7 @@ references: srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020110 stigid@ol8: OL08-00-040070 @@ -12582,7 +11800,7 @@ index df5a67e58..ad6cb5048 100644 stigid@sle15: SLES-15-010240 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml -index d9662e1ea..4bf874668 100644 +index 87623a39c..1031c261a 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml @@ -26,7 +26,7 @@ references: @@ -12592,10 +11810,10 @@ index d9662e1ea..4bf874668 100644 - stigid@rhel8: RHEL-08-010572 + stigid@almalinux8: RHEL-08-010572 - platform: machine and uefi + platform: uefi diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml -index b8e781df2..2eb0efe13 100644 +index ab03c0740..0290b265c 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml @@ -31,7 +31,7 @@ references: @@ -12605,10 +11823,10 @@ index b8e781df2..2eb0efe13 100644 - stigid@rhel8: RHEL-08-010571 + stigid@almalinux8: RHEL-08-010571 - platform: machine + template: diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml -index a29bff32d..a3acfd1d2 100644 +index a719912d9..9125c291f 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml @@ -42,7 +42,7 @@ references: @@ -12618,10 +11836,10 @@ index a29bff32d..a3acfd1d2 100644 - stigid@rhel8: RHEL-08-040120 + stigid@almalinux8: RHEL-08-040120 - platform: machine + template: diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml -index 4994a9668..beddd5f5f 100644 +index 7db044066..aaec6d676 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml @@ -44,7 +44,7 @@ references: @@ -12631,10 +11849,10 @@ index 4994a9668..beddd5f5f 100644 - stigid@rhel8: RHEL-08-040122 + stigid@almalinux8: RHEL-08-040122 - platform: machine + fixtext: |- diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml -index 84e40b798..d8f03a6eb 100644 +index 489b8d490..c997e4849 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml @@ -42,7 +42,7 @@ references: @@ -12644,10 +11862,10 @@ index 84e40b798..d8f03a6eb 100644 - stigid@rhel8: RHEL-08-040121 + stigid@almalinux8: RHEL-08-040121 - platform: machine + template: diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml -index 6dc6c6256..0d8890b42 100644 +index 6890b0be5..065a41791 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml 
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml @@ -27,7 +27,7 @@ references: @@ -12657,13 +11875,13 @@ index 6dc6c6256..0d8890b42 100644 - stigid@rhel8: RHEL-08-010590 + stigid@almalinux8: RHEL-08-010590 - platform: machine + {{{ complete_ocil_entry_mount_option("/home", "noexec") }}} diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml -index e846fd0cb..6063c4942 100644 +index 3e6f52571..21762a831 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -37,7 +37,7 @@ references: srg: SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021000 stigid@ol8: OL08-00-010570 @@ -12673,7 +11891,7 @@ index e846fd0cb..6063c4942 100644 stigid@sle15: SLES-15-040140 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml -index 4eefec1d6..cf3aabebf 100644 +index d40dfb95b..d5a41d09a 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml @@ -45,7 +45,7 @@ references: @@ -12683,10 +11901,10 @@ index 4eefec1d6..cf3aabebf 100644 - stigid@rhel8: RHEL-08-010580 + stigid@almalinux8: RHEL-08-010580 - platform: machine + fixtext: |- diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml -index de840af4e..6c7417317 100644 +index 8022a0164..efd33c29f 100644 
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml @@ -42,7 +42,7 @@ references: @@ -12696,10 +11914,10 @@ index de840af4e..6c7417317 100644 - stigid@rhel8: RHEL-08-010600 + stigid@almalinux8: RHEL-08-010600 - platform: machine + ocil_clause: 'a file system found in "/etc/fstab" refers to removable media and it does not have the "nodev" option set' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml -index b3dd38407..94db2551c 100644 +index ad9189622..2b91cd1e6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml @@ -39,7 +39,7 @@ references: @@ -12712,10 +11930,10 @@ index b3dd38407..94db2551c 100644 ocil_clause: 'removable media partitions are present' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml -index 07939ee19..11117594f 100644 +index f409eaabe..101c0c011 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021010 stigid@ol8: OL08-00-010620 @@ -12725,7 +11943,7 @@ index 07939ee19..11117594f 100644 stigid@sle15: SLES-15-040150 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml -index 759487603..c58367cb4 100644 +index dc812a92e..7ed0cedca 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml @@ -41,7 +41,7 @@ references: @@ -12735,10 +11953,10 @@ index 759487603..c58367cb4 100644 - stigid@rhel8: RHEL-08-040123 + stigid@almalinux8: RHEL-08-040123 - platform: machine and mount[tmp] + platform: mount[tmp] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml -index 9a05c8cee..c3855a247 100644 +index 46aedbad4..f999bcbe7 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml @@ -40,7 +40,7 @@ references: @@ -12748,10 +11966,10 @@ index 9a05c8cee..c3855a247 100644 - stigid@rhel8: RHEL-08-040125 + stigid@almalinux8: RHEL-08-040125 - platform: machine and mount[tmp] + platform: mount[tmp] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml -index ec91cda40..27831a7bf 100644 +index 3a16538b1..b8f9c393e 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml @@ -41,7 +41,7 @@ references: @@ -12761,10 +11979,10 @@ index ec91cda40..27831a7bf 100644 - stigid@rhel8: RHEL-08-040124 + stigid@almalinux8: RHEL-08-040124 - platform: machine and mount[tmp] + platform: mount[tmp] 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml -index 1f93eb6f9..5efc64a91 100644 +index 1a14ae661..f70441647 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml @@ -32,7 +32,7 @@ references: @@ -12774,10 +11992,10 @@ index 1f93eb6f9..5efc64a91 100644 - stigid@rhel8: RHEL-08-040129 + stigid@almalinux8: RHEL-08-040129 - platform: machine and mount[var-log-audit] + platform: mount[var-log-audit] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml -index ee95bfed8..eec942778 100644 +index 12fd9b470..f3241c473 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml @@ -30,7 +30,7 @@ references: @@ -12787,10 +12005,10 @@ index ee95bfed8..eec942778 100644 - stigid@rhel8: RHEL-08-040131 + stigid@almalinux8: RHEL-08-040131 - platform: machine and mount[var-log-audit] + platform: mount[var-log-audit] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml -index ee46895d9..0a5de999a 100644 +index 06d864887..99135beec 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml @@ -31,7 +31,7 @@ references: 
@@ -12800,10 +12018,10 @@ index ee46895d9..0a5de999a 100644 - stigid@rhel8: RHEL-08-040130 + stigid@almalinux8: RHEL-08-040130 - platform: machine and mount[var-log-audit] + platform: mount[var-log-audit] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml -index d80bf7591..b32329ead 100644 +index 442b0a1e1..c5315f31d 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml @@ -32,7 +32,7 @@ references: @@ -12813,10 +12031,10 @@ index d80bf7591..b32329ead 100644 - stigid@rhel8: RHEL-08-040126 + stigid@almalinux8: RHEL-08-040126 - platform: machine and mount[var-log] + platform: mount[var-log] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml -index 31ca08db7..e97615f75 100644 +index e827606dd..cbc9b46ce 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml @@ -32,7 +32,7 @@ references: @@ -12826,10 +12044,10 @@ index 31ca08db7..e97615f75 100644 - stigid@rhel8: RHEL-08-040128 + stigid@almalinux8: RHEL-08-040128 - platform: machine and mount[var-log] + platform: mount[var-log] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml -index 5421cacec..9f77dca35 100644 +index c83aad907..461b4b057 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml @@ -33,7 +33,7 @@ references: 
@@ -12839,7 +12057,7 @@ index 5421cacec..9f77dca35 100644 - stigid@rhel8: RHEL-08-040127 + stigid@almalinux8: RHEL-08-040127 - platform: machine and mount[var-log] + platform: mount[var-log] diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh index 59e39270d..5c154d333 100644 @@ -12852,7 +12070,7 @@ index 59e39270d..5c154d333 100644 # Delete particular /etc/fstab's row if /var/tmp is already configured to # represent a mount point (for some device or filesystem other than /tmp) diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml -index bdd7e10e2..b12b7bbd6 100644 +index 50d698334..69da8f741 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml @@ -34,7 +34,7 @@ references: @@ -12862,10 +12080,10 @@ index bdd7e10e2..b12b7bbd6 100644 - stigid@rhel8: RHEL-08-040132 + stigid@almalinux8: RHEL-08-040132 - platforms: - - machine and mount[var-tmp] + platform: mount[var-tmp] + diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml -index 3c76c9fd6..38b476a1e 100644 +index 86ee15056..ba75368df 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml @@ -34,7 +34,7 @@ references: @@ -12875,10 +12093,10 @@ index 3c76c9fd6..38b476a1e 100644 - stigid@rhel8: RHEL-08-040134 + stigid@almalinux8: RHEL-08-040134 - platform: machine and mount[var-tmp] + platform: mount[var-tmp] 
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml -index d594413c3..c47b4179e 100644 +index 100582899..a91f84707 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml @@ -34,7 +34,7 @@ references: @@ -12888,7 +12106,7 @@ index d594413c3..c47b4179e 100644 - stigid@rhel8: RHEL-08-040133 + stigid@almalinux8: RHEL-08-040133 - platform: machine and mount[var-tmp] + platform: mount[var-tmp] diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml index d94802273..554e34e00 100644 @@ -12902,10 +12120,10 @@ index d94802273..554e34e00 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -index 7498a48e5..96159f2e9 100644 +index ad9f27dd7..994844035 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: pcidss: Req-3.2 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010675 @@ -12926,10 +12144,10 @@ index d94802273..554e34e00 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -index d67029786..ddd4260fb 100644 +index e102da2b3..944b71d21 100644 
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: pcidss: Req-3.2 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010674 @@ -12973,7 +12191,7 @@ index f7a5fa08a..9d931fb6e 100644 ocil_clause: 'the "core" item is missing, commented out, or the value is anything other than "0" and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core"' diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml -index 8785358eb..128329417 100644 +index 429f6fe9c..245a55c5a 100644 --- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml @@ -29,7 +29,7 @@ references: @@ -13016,10 +12234,10 @@ index 415b0486d..02b1e991a 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml -index b538bbc9f..52af77e4e 100644 +index 772868e53..e9b536129 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml 
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml -@@ -27,7 +27,7 @@ references: +@@ -28,7 +28,7 @@ references: nist: SC-30,SC-30(2),SC-30(5),CM-6(a) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040283 @@ -13062,10 +12280,10 @@ index 7a4c107b2..22e209120 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -index 2001f2d51..8fb592996 100644 +index cf6b71a2f..a1d7a4065 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml -@@ -36,7 +36,7 @@ references: +@@ -37,7 +37,7 @@ references: srg: SRG-OS-000433-GPOS-00193,SRG-OS-000480-GPOS-00227,SRG-APP-000450-CTR-001105 stigid@ol7: OL07-00-040201 stigid@ol8: OL08-00-010430 @@ -13075,7 +12293,7 @@ index 2001f2d51..8fb592996 100644 stigid@sle15: SLES-15-010550 stigid@ubuntu2004: UBTU-20-010448 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml -index a16325b6f..4c667e220 100644 +index 8d64e30f3..dee3c56d2 100644 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml @@ -37,7 +37,7 @@ references: @@ -13110,7 +12328,7 @@ index 3260539b3..29d22d491 100755 cp /proc/cpuinfo /tmp/cpuinfo 
diff --git a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml -index 4fcb716d1..ddc46922a 100644 +index 8507ac283..5bed242df 100644 --- a/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/kernel_module_uvcvideo_disabled/rule.yml @@ -20,7 +20,7 @@ references: @@ -13120,10 +12338,10 @@ index 4fcb716d1..ddc46922a 100644 - stigid@rhel8: RHEL-08-040020 + stigid@almalinux8: RHEL-08-040020 - platform: machine + platform: system_with_kernel diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml -index 41763878f..1fa854129 100644 +index 5140236fd..0ebe35402 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml @@ -28,7 +28,7 @@ references: @@ -13136,7 +12354,7 @@ index 41763878f..1fa854129 100644 ocil_clause: 'page allocator poisoning is not enabled' diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml -index beed0c372..7b4b1bdba 100644 +index c2ea1a898..46a463b73 100644 --- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml @@ -28,7 +28,7 @@ references: @@ -13160,11 +12378,11 @@ index 88c683445..fa9b2020d 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -index 63c3b0957..0a1e9eb37 100644 +index b555eca8f..3aa33caff 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml -@@ -29,7 +29,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -28,7 +28,7 @@ references: + nist: SC-7(10) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010671 - stigid@rhel8: RHEL-08-010671 @@ -13184,10 +12402,10 @@ index 36e025cc3..e97acde11 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -index 01c94c326..1b460b776 100644 +index 7ad7a4b5f..1274520ca 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -@@ -27,7 +27,7 @@ references: +@@ -28,7 +28,7 @@ references: srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600 stigid@ol7: OL07-00-010375 stigid@ol8: OL08-00-010375 @@ -13208,7 +12426,7 @@ index 505b3c12b..cdf18e6dd 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml -index 9a357acf6..e8237b32f 100644 +index ae651f6df..1cf773e70 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml @@ -22,7 +22,7 @@ references: @@ -13232,7 +12450,7 @@ index 0541e59a7..50020c28c 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml -index 7d49faf07..239a6ab59 100644 +index d4143e029..4b95ee738 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml @@ -24,7 +24,7 @@ references: @@ -13256,11 +12474,11 @@ index 2e24d9211..7b706bb32 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml -index ff8eab1d0..27dec5e8f 100644 +index 874bc113e..19d513681 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml -@@ -23,7 +23,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -22,7 +22,7 @@ references: + nist: AC-6,SC-7(10) srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040281 - stigid@rhel8: RHEL-08-040281 @@ -13280,7 +12498,7 @@ index ceafd4839..7006e2066 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml -index c794c8f7d..f0903b697 100644 +index e6e25147a..e9db03401 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml @@ -26,7 +26,7 @@ references: @@ -13304,11 +12522,11 @@ index 7519b7740..af6c30abd 100644 kind: MachineConfig spec: 
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml -index cecbfd6ec..75c2ad54d 100644 +index 2b4394608..c94003cf9 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml -@@ -24,7 +24,7 @@ references: - ospp: FMT_SMF_EXT.1 +@@ -23,7 +23,7 @@ references: + nist: CM-6,SC-7(10) srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040286 - stigid@rhel8: RHEL-08-040286 @@ -13328,7 +12546,7 @@ index fdd4fb83e..3274d5b36 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml -index 96bb4ec1f..1d79af3ff 100644 +index ae6678e66..dd45e6327 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml @@ -35,7 +35,7 @@ references: @@ -13372,11 +12590,11 @@ index 2520d3dcc..ed0bc9538 100644 # Package libselinux cannot be uninstalled normally # as it would cause removal of sudo package which is diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml -index a0aa0dc85..7b47c643b 100644 +index 5c6e7417e..93471f2bb 100644 --- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml +++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml @@ -32,7 +32,7 @@ references: - disa: CCI-001084 + disa: CCI-000366,CCI-001084 srg: SRG-OS-000480-GPOS-00227,SRG-OS-000134-GPOS-00068 stigid@ol8: OL08-00-010171 - stigid@rhel8: RHEL-08-010171 
@@ -13405,10 +12623,10 @@ index b0e1de6ba..e08be5aa9 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -index 9934d1913..71f621d44 100644 +index 3369554bc..5b17bcd70 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000445-GPOS-00199,SRG-APP-000233-CTR-000585 stigid@ol7: OL07-00-020220 stigid@ol8: OL08-00-010450 @@ -13438,10 +12656,10 @@ index 78c1d4f61..0fc55b9c0 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml -index dfdf3b2d5..1b06e2ff1 100644 +index 237064080..bebc238b5 100644 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000445-GPOS-00199,SRG-OS-000134-GPOS-00068 stigid@ol7: OL07-00-020210 stigid@ol8: OL08-00-010170 @@ -13451,10 +12669,10 @@ index dfdf3b2d5..1b06e2ff1 100644 ocil_clause: 'SELINUX is not set to enforcing' diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml -index 27e69b5fe..445ec71ce 100644 +index 9d751d635..058fc3bf6 100644 --- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml +++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -40,7 +40,7 @@ references: srg: SRG-OS-000324-GPOS-00125 stigid@ol7: OL07-00-020020 stigid@ol8: OL08-00-040400 @@ -13464,10 +12682,10 @@ index 27e69b5fe..445ec71ce 100644 ocil_clause: 'non-admin users are not confined correctly' 
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml -index fa03c9518..3fb3d75a9 100644 +index dcd2011ed..c75ef3ead 100644 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml -@@ -75,7 +75,7 @@ references: +@@ -80,7 +80,7 @@ references: nist@sle15: SC-28,SC-28.1 srg: SRG-OS-000405-GPOS-00184,SRG-OS-000185-GPOS-00079,SRG-OS-000404-GPOS-00183 stigid@ol8: OL08-00-010030 @@ -13477,10 +12695,10 @@ index fa03c9518..3fb3d75a9 100644 stigid@sle15: SLES-15-010330 stigid@ubuntu2004: UBTU-20-010414 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -index e683fdfbf..a0f534130 100644 +index 44f415f05..b181d9e15 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml -@@ -40,7 +40,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021310 stigid@ol8: OL08-00-010800 @@ -13490,7 +12708,7 @@ index e683fdfbf..a0f534130 100644 stigid@sle15: SLES-15-040200 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml -index 5b787ebfc..6b1f4a28d 100644 +index 4ac7375e0..7d8c344ef 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml @@ -37,7 +37,7 @@ references: @@ -13503,10 +12721,10 @@ index 5b787ebfc..6b1f4a28d 100644 {{{ complete_ocil_entry_separate_partition(part="/tmp") }}} 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -index 88cda7935..1269bec7e 100644 +index 509a3ae7e..0afb7b143 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -40,7 +40,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-021320 stigid@ol8: OL08-00-010540 @@ -13516,7 +12734,7 @@ index 88cda7935..1269bec7e 100644 stigid@sle15: SLES-15-040210 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml -index 93a76085a..976a31b16 100644 +index 2aa64e3b0..838ff5c90 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml @@ -38,7 +38,7 @@ references: @@ -13529,10 +12747,10 @@ index 93a76085a..976a31b16 100644 {{{ complete_ocil_entry_separate_partition(part="/var/log") }}} diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -index 65278897f..78c600918 100644 +index 1cbfe4024..1f18a3ba2 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000341-GPOS-00132,SRG-OS-000480-GPOS-00227,SRG-APP-000357-CTR-000800 stigid@ol7: OL07-00-021330 stigid@ol8: OL08-00-010542 @@ -13542,11 +12760,11 @@ index 65278897f..78c600918 100644 stigid@sle15: SLES-15-030810 
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml -index 01944ea38..c9deb3f02 100644 +index 0fe3f728a..b78fd700f 100644 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml -@@ -31,7 +31,7 @@ references: - cis@ubuntu2204: 1.1.4.1 +@@ -32,7 +32,7 @@ references: + disa: CCI-000366 srg: SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-010544 - stigid@rhel8: RHEL-08-010544 @@ -13575,10 +12793,10 @@ index 917fc7dc4..bc1d7c63c 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml -index d2080f0d8..0cefa0581 100644 +index 1f62e436c..10278a708 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010063 stigid@ol8: OL08-00-020032 @@ -13598,11 +12816,11 @@ index f5d68f1c3..91f02c0d4 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml -index f46be4e7b..56f9f5777 100644 +index ea6da5dbd..3d2395dd0 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml 
@@ -33,7 +33,7 @@ references: - disa: CCI-000056,CCI-000058 + disa: CCI-000057,CCI-000056 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol8: OL08-00-020050 - stigid@rhel8: RHEL-08-020050 @@ -13631,10 +12849,10 @@ index 6b19c8138..1f656f5a8 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml -index 80813b313..3a1686245 100644 +index 163bc2196..255da2cff 100644 --- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -36,7 +36,7 @@ references: srg: SRG-OS-000480-GPOS-00229 stigid@ol7: OL07-00-010440 stigid@ol8: OL08-00-010820 @@ -13784,10 +13002,10 @@ index 5b08acff4..d1af90b16 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml -index 6f79beed4..b4bf15780 100644 +index 1daf160b9..0373651ce 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010070 stigid@ol8: OL08-00-020060 @@ -13807,10 +13025,10 @@ index 9d034e519..2c45806b4 100644 # strategy = unknown # complexity = low 
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml -index 461f0db05..8afdf5df0 100644 +index 4341b6a35..88da01dd6 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010110 stigid@ol8: OL08-00-020031 @@ -13830,10 +13048,10 @@ index d04e6893f..5b9cba007 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml -index ee076ed23..e0b1cbaaf 100644 +index 654825af0..015e80773 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol7: OL07-00-010060 stigid@ol8: OL08-00-020030,OL08-00-020082 @@ -13853,10 +13071,10 @@ index 34ff91ab3..875abf68d 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml -index 0da50470c..cd4d60732 100644 +index 2a5e4079a..02c981e1e 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml 
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -36,7 +36,7 @@ references: pcidss: Req-8.1.8 srg: SRG-OS-000028-GPOS-00009,SRG-OS-000030-GPOS-00011 stigid@ol7: OL07-00-010062 @@ -13896,10 +13114,10 @@ index ed7d98843..a41cb7151 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml -index cc365cdfd..8fa507d50 100644 +index 9cc43aab3..c3b1eef55 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml -@@ -39,7 +39,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010081 stigid@ol8: OL08-00-020080 @@ -13919,10 +13137,10 @@ index c379700ad..6d91cec21 100644 # strategy = unknown # complexity = low diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml -index 4ace70937..8daf65442 100644 +index d0b55e52f..9a20f4f0c 100644 --- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml +++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -41,7 +41,7 @@ references: srg: SRG-OS-000029-GPOS-00010,SRG-OS-000031-GPOS-00012 stigid@ol7: OL07-00-010082 stigid@ol8: OL08-00-020081 @@ -13978,7 +13196,7 @@ index c7617bc43..7de8de33c 100644

For more information on GNOME and the GNOME Project, see {{{ weblink(link="https://www.gnome.org") }}}. diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml -index d4f698215..01373e326 100644 +index e0b7e6db5..e493211ea 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml @@ -4,6 +4,7 @@ @@ -14013,10 +13231,10 @@ index 8b47069e6..1c71866b7 100644 stigid@sle15: SLES-15-010000 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml -index 8f5d6697f..07e0753c6 100644 +index da8686d40..78ac0f50b 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml -@@ -31,7 +31,7 @@ references: +@@ -32,7 +32,7 @@ references: nist: SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000423-GPOS-00187,SRG-OS-000426-GPOS-00190 stigid@ol8: OL08-00-010020 @@ -14096,10 +13314,10 @@ index dd096ab41..b180ed3b3 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -index 93073191c..9fcd75990 100644 +index e5b8bd84f..443aae23e 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml 
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -@@ -67,7 +67,7 @@ references: +@@ -68,7 +68,7 @@ references: ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1 srg: SRG-OS-000396-GPOS-00176,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174 stigid@ol8: OL08-00-010020 @@ -14298,10 +13516,10 @@ index 3776d35aa..8710aef51 100644 configfile=/etc/crypto-policies/back-ends/gnutls.config diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml -index da3b61ed3..02b0c4c3d 100644 +index f7785a436..dce2f358a 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml -@@ -29,7 +29,7 @@ references: +@@ -30,7 +30,7 @@ references: nist: SC-13,SC-12(2),SC-12(3) srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010020 @@ -14343,7 +13561,7 @@ index 4eb5348f2..9047445c5 100644 rm -f /etc/krb5.conf.d/crypto-policies ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml -index f4827290a..dbb961bd7 100644 +index eebc3f626..40cc3e8fb 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml @@ -36,7 +36,7 @@ references: @@ -15039,12 +14257,12 @@ index b6ff5881d..5198a6486 100644 file="/etc/ssh/ssh_config.d/02-ospp.conf" echo -e "Match final all\n\ 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml -index 0a74e07c8..11263cbbe 100644 +index 3234911f5..7ed556afc 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora # reboot = true # strategy = restrict # complexity = low @@ -15059,7 +14277,7 @@ index 6db8f9654..2f0172991 100644 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml -index f25e84f0e..2c0b0062c 100644 +index 5ddb29f3e..4674919b5 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml @@ -31,7 +31,7 @@ references: @@ -15072,91 +14290,91 @@ index f25e84f0e..2c0b0062c 100644 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh -index 0bf0e7eef..9521cde55 100644 +index c657d38e4..6a12ab44f 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh -index 47afc638c..e3f898028 100644 +index 47db65982..b826d6fe5 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_commented.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh -index fc068d8f2..06dd7f45f 100644 +index 48df6a59e..ca967abaf 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_correct_followed_by_incorrect_commented.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh -index 32d81d353..f2a71b8a4 100644 +index 5d8ccfabc..ed3e31268 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_file.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh -index d7e16d6bf..e0a234147 100644 +index 3ed3703ad..5b4b186c4 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_empty_policy.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh -index 20e9fe1d2..6833b5d94 100644 +index 8581790de..89e68984c 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_followed_by_correct_commented.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh -index 5f74ce16c..4eb372c51 100644 +index ccc41132d..39381d3b6 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_incorrect_policy.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr incorrect_sshd_approved_ciphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh -index 4f335aebc..73c481b02 100644 +index 1a198d67d..7efa3afeb 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/tests/stig_missing_file.fail.sh 
@@ -1,5 +1,5 @@ #!/bin/bash --# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,multi_platform_fedora -+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora - # profiles = xccdf_org.ssgproject.content_profile_stig +-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,multi_platform_fedora ++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_fedora + # variables = sshd_approved_ciphers=aes256-ctr,aes192-ctr,aes128-ctr configfile=/etc/crypto-policies/back-ends/openssh.config diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/ansible/shared.yml @@ -15180,7 +14398,7 @@ index 365136d0c..e7f764dda 100644 {{{ bash_instantiate_variables("sshd_approved_ciphers") }}} diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml -index 2b95e3b80..a7628932f 100644 +index 5d5b47d86..e45953b86 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml @@ -31,7 +31,7 @@ references: 
@@ -15583,32 +14801,19 @@ index 0447bf2c4..43627ebd3 100644 # reboot = false # strategy = restrict # complexity = low -diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -index 65b5ded0c..b0ec426ef 100644 ---- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml -@@ -25,7 +25,7 @@ references: - nist: SI-2(2) - srg: SRG-OS-000191-GPOS-00080 - stigid@ol7: OL07-00-020019 -- stigid@rhel8: RHEL-08-010001 -+ stigid@almalinux8: RHEL-08-010001 - stigid@sle12: SLES-12-010599 - stigid@sle15: SLES-15-010001 - diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -index 73d3894f4..c16a688d2 100644 +index 88d8a4312..dde17fabc 100644 --- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml 
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -33,7 +33,7 @@ references: + disa: CCI-001263,CCI-000366 nist: SI-2(2) srg: SRG-OS-000191-GPOS-00080 - stigid@ol7: OL07-00-020019 - stigid@rhel8: RHEL-08-010001 + stigid@almalinux8: RHEL-08-010001 - stigid@sle12: SLES-12-010599 - stigid@sle15: SLES-15-010001 stigid@ubuntu2004: UBTU-20-010415 + + ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml index 9647791ef..9f70b30d4 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml @@ -15630,7 +14835,7 @@ index 5da0c99e6..57ac7592b 100644 fips-mode-setup --enable FIPS_CONF="/etc/dracut.conf.d/40-fips.conf" diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml -index 9b95ba2db..916c78430 100644 +index ea4eb058f..aa7ea64f6 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml @@ -31,7 +31,7 @@ references: @@ -15667,10 +14872,10 @@ index b92e82236..138d2c997 100644 fips-mode-setup --enable FIPS_CONF="/etc/dracut.conf.d/40-fips.conf" diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml -index 3b50e0706..4e4d713e1 100644 +index 267fc6b0d..19f208051 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml 
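Review bot: In the package_mcafeetp_installed/rule.yml section, `stigid@almalinux8: RHEL-08-010001` replaces the `stigid@rhel8` key instead of sitting beside it, so a tree with this patch applied no longer carries the RHEL 8 mapping for that rule, and the AlmaLinux entry cites a RHEL STIG identifier. The same rename appears in the other rule.yml sections this patch touches. If only the almalinux8 product is ever built from the patched tree, this is presumably intended. A sentence in the patch header saying that the `stigid@almalinux8` values are inherited unchanged from the RHEL 8 STIG would make that explicit for anyone reading scan results.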
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml -@@ -25,7 +25,7 @@ +@@ -27,7 +27,7 @@
@@ -15679,7 +14884,7 @@ index 3b50e0706..4e4d713e1 100644 {{% else %}} -@@ -77,7 +77,7 @@ to a crypto policy module that further restricts the modified crypto policy."> +@@ -79,7 +79,7 @@ to a crypto policy module that further restricts the modified crypto policy."> {{%- endif %}} @@ -15689,10 +14894,10 @@ index 3b50e0706..4e4d713e1 100644 check="all" check_existence="all_exist" comment="FIPS mode is selected in running kernel options"> diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml -index d23514f61..96bc81e58 100644 +index 29cafb8cc..da1feb8e1 100644 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml -@@ -48,7 +48,7 @@ references: +@@ -46,7 +46,7 @@ references: ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1 srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176 stigid@ol8: OL08-00-010020 @@ -15702,10 +14907,10 @@ index d23514f61..96bc81e58 100644 ocil_clause: 'FIPS mode is not enabled' diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml -index af032cfe4..522578ad9 100644 +index b99066920..8bbeff033 100644 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -32,7 +32,7 @@ references: nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12 srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223 stigid@ol8: OL08-00-010020 
@@ -15715,20 +14920,20 @@ index af032cfe4..522578ad9 100644 ocil_clause: 'crypto.fips_enabled is not 1' diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh -index 04e69228b..9072c4023 100644 +index b320fccb5..5e1c5b637 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro - {{% if 'sle' in product %}} + {{% if 'sle' in product or 'slmicro' in produc %}} zypper -q --no-remote ref diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -index 3b7415f21..d82729db9 100644 +index 8b0fc6c63..4be148425 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -61,7 +61,7 @@ references: srg: SRG-OS-000445-GPOS-00199 stigid@ol7: OL07-00-020029 stigid@ol8: OL08-00-010359 
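Review bot: The refreshed context line for aide_build_database/bash/shared.sh reads `{{% if 'sle' in product or 'slmicro' in produc %}}`, and `produc` looks like a misspelling of `product`. Because it is a context line it has to match the upstream file for the patch to apply, so the fix belongs upstream as `{{% if 'sle' in product or 'slmicro' in product %}}` rather than in this hunk. How the template engine handles the undefined name is not visible here; if it evaluates to false, the `zypper -q --no-remote ref` step is skipped for slmicro without any build error. The rest of the template lies outside the hunk.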
@@ -15738,30 +14943,30 @@ index 3b7415f21..d82729db9 100644 stigid@sle15: SLES-15-010419 stigid@ubuntu2004: UBTU-20-010450 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml -index 4109e8d44..65a693e23 100644 +index c78b92690..39bab2902 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh -index ea2a1113b..fbc6b9b8a 100644 +index eb25eaa3a..1c4e85445 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml -index a919ab685..eec84ed6d 100644 +index 054ccc597..bb33da7f5 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml -@@ -42,7 +42,7 @@ references: +@@ -43,7 +43,7 @@ references: nist: AU-9(3),AU-9(3).1 srg: SRG-OS-000278-GPOS-00108 stigid@ol8: OL08-00-030650 @@ -15825,10 +15030,10 @@ index dfa5c1b6c..60ac94141 100644 {{{ bash_package_install("aide") }}} diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml -index d786e1309..b251f09c6 100644 +index 457b1c08a..c31223f2d 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000363-GPOS-00150,SRG-OS-000446-GPOS-00200,SRG-OS-000447-GPOS-00201 stigid@ol7: OL07-00-020040 stigid@ol8: OL08-00-010360 
@@ -15872,10 +15077,10 @@ index 080fb65f7..baaa05ba2 100644 cat >/etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf </etc/aide.conf <> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh -index cdd8174d2..ab7afd6a4 100644 +index ee448e531..13b381ede 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo touch /etc/sudoers.d/empty diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh -index 093f9dd80..0cd6dbf48 100644 +index ef3750b2f..ccef4017d 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh -index 3372c20b7..6c9e6fc44 100644 +index ebbcef34d..0e3a3d43a 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo echo 'Defaults !targetpw' >> /etc/sudoers 
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh -index ef0abd449..9606a913c 100644 +index 3794bb647..e8d9bbaa6 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh @@ -1,4 +1,4 @@ --# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_slmicro ++# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_slmicro # packages = sudo echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh -index 6247b5230..bd82dc53d 100644 +index 81b218e1a..b8114e674 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh -index 071e3a0ab..b6779c1c5 100644 +index 60354bba5..aebe5505f 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo echo 'Defaults !targetpw' >> /etc/sudoers diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh -index 273fb4529..b15cdc1da 100644 +index c8e38ccd0..7955c2d54 100644 
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo touch /etc/sudoers.d/empty diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh -index d477b5972..569a80382 100644 +index 4454ed38e..97a9346e2 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo touch /etc/sudoers.d/empty 
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh -index a4c5bde62..42fb94bf8 100644 +index 1de6b3bbb..06eadc9e9 100644 --- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh +++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15 -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15 +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15,multi_platform_slmicro # packages = sudo touch /etc/sudoers.d/empty @@ -16376,11 +15581,11 @@ index 67e715345..e3e9ad0a5 100644 {{{ complete_ocil_entry_package(package="abrt-plugin-sosreport") }}} diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml -index 20fcf674c..73284d2d6 100644 +index 5f33752d3..155ef0f5c 100644 --- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml @@ -20,7 +20,7 @@ references: - disa: CCI-000381,CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040370 - stigid@rhel8: RHEL-08-040370 @@ -16389,11 +15594,11 @@ index 20fcf674c..73284d2d6 100644 {{{ complete_ocil_entry_package(package="gssproxy") }}} 
diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml -index eb5ac173e..5830d7b2c 100644 +index 152061a7d..91eb3575f 100644 --- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml @@ -21,7 +21,7 @@ references: - disa: CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040380 - stigid@rhel8: RHEL-08-040380 @@ -16454,7 +15659,7 @@ index 5a020f452..a3769b969 100644 {{{ complete_ocil_entry_package(package="python3-abrt-addon") }}} diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml -index 625526681..816d1f026 100644 +index 400e92922..b3eb3baa9 100644 --- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml @@ -21,7 +21,7 @@ references: @@ -16467,11 +15672,11 @@ index 625526681..816d1f026 100644 ocil_clause: 'the package is not installed' diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml -index 759671d75..f413d3fc1 100644 +index 0e6096fd0..155f7e727 100644 --- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml +++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml @@ -23,7 +23,7 @@ references: - disa: CCI-000366 + disa: CCI-000366,CCI-000381 srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol8: OL08-00-040390 - stigid@rhel8: RHEL-08-040390 @@ -16480,30 +15685,30 @@ index 759671d75..f413d3fc1 100644 {{{ complete_ocil_entry_package(package="tuned") }}} 
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml -index 71b66ebab..f51a5fa0a 100644 +index e25b2e615..5ef42594e 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh -index 34127fd17..e30b09600 100644 +index 742c2e452..c7fdd0009 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh 
@@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro - {{% if 'sle' in product %}} + {{% if 'sle' in product or 'slmicro' in product %}} {{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}} diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml -index ef3543c48..3147db79f 100644 +index e247a6762..f0838be22 100644 --- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml +++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000437-GPOS-00194 stigid@ol7: OL07-00-020200 stigid@ol8: OL08-00-010440 @@ -16755,19 +15960,19 @@ index 000000000..11cebb049 + The command should return the string below: +
gpg(AlmaLinux <packager@almalinux.org>
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh -index 2bf91c8ca..b5f520737 100644 +index 4366d9faa..4a3043290 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}} diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -index 84dcabf9b..575978d82 100644 +index d3fe7d0fb..771ea7ea1 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000366-GPOS-00153 stigid@ol7: OL07-00-020050 stigid@ol8: OL08-00-010370 @@ -16777,7 +15982,7 @@ index 84dcabf9b..575978d82 100644 stigid@sle15: SLES-15-010430 
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml -index 493154c75..2b4ed5dc6 100644 +index 0d38f08a0..3c48a4f53 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml @@ -40,7 +40,7 @@ references: @@ -16810,7 +16015,7 @@ index 07e02fa47..ee1d023d9 100644 sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/* {{% else %}} diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml -index ead71f5be..147e5c68f 100644 +index 5a3ce069c..50a31bfe4 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml @@ -43,7 +43,7 @@ references: @@ -16843,7 +16048,7 @@ index 04ff6e577..b97d75469 100644 sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/* diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml -index 142d10e75..08f750f5a 100644 +index 86d0cb5d3..9cb7152f3 100644 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml @@ -53,7 +53,7 @@ references: @@ -16856,7 +16061,7 @@ index 142d10e75..08f750f5a 100644 ocil_clause: 'the Red Hat GPG Key is not installed' diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml -index cbd37bfad..596d19f6b 100644 +index e77380808..ecda8e8c8 100644 
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml +++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml @@ -16,6 +16,11 @@ description: |- @@ -16868,10 +16073,10 @@ index cbd37bfad..596d19f6b 100644 +
$ sudo yum update
+ If the system is not configured to use repos, updates (in the form of RPM packages) + can be manually downloaded from the repos and installed using rpm. - {{% elif product in ["sle12", "sle15"] %}} + {{% elif product in ["sle12", "sle15", "slmicro5"] %}} If the system is configured for online updates, invoking the following command will list available security updates: -@@ -59,7 +64,7 @@ references: +@@ -60,7 +65,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-020260 stigid@ol8: OL08-00-010010 @@ -19420,10 +18625,10 @@ index 000000000..fc3e37660 +journald_conf_dir_path: /etc/systemd/journald.conf.d diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile new file mode 100644 -index 000000000..19325d744 +index 000000000..f580bb611 --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile -@@ -0,0 +1,51 @@ +@@ -0,0 +1,52 @@ +documentation_complete: true + +metadata: @@ -19475,12 +18680,13 @@ index 000000000..19325d744 + - '!accounts_passwords_pam_tally2_unlock_time' + - '!audit_rules_privileged_commands_insmod' + - '!ensure_oracle_gpgkey_installed' ++ - '!package_kea_removed' diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile new file mode 100644 -index 000000000..2fdfe6dc2 +index 000000000..0c492e830 --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_high.profile -@@ -0,0 +1,58 @@ +@@ -0,0 +1,59 @@ +documentation_complete: true + +metadata: @@ -19539,12 +18745,13 @@ index 000000000..2fdfe6dc2 + - '!cracklib_accounts_password_pam_dcredit' + - '!grub2_page_alloc_shuffle_argument' + - '!ensure_oracle_gpgkey_installed' ++ - '!package_kea_removed' diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile new file mode 100644 -index 000000000..091b25673 +index 000000000..7e6adfe6b --- /dev/null 
+++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile -@@ -0,0 +1,39 @@ +@@ -0,0 +1,40 @@ +documentation_complete: true + +metadata: @@ -19584,12 +18791,13 @@ index 000000000..091b25673 + - '!grub2_page_alloc_shuffle_argument' + - '!accounts_passwords_pam_tally2_unlock_time' + - '!ensure_oracle_gpgkey_installed' ++ - '!package_kea_removed' diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile new file mode 100644 -index 000000000..c07e2651d +index 000000000..772d31035 --- /dev/null +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile -@@ -0,0 +1,35 @@ +@@ -0,0 +1,36 @@ +documentation_complete: true + +metadata: @@ -19625,6 +18833,7 @@ index 000000000..c07e2651d + - '!cracklib_accounts_password_pam_ocredit' + - '!accounts_passwords_pam_tally2_unlock_time' + - '!ensure_oracle_gpgkey_installed' ++ - '!package_kea_removed' diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile new file mode 100644 index 000000000..40d3e5ceb @@ -19946,10 +19155,10 @@ index 000000000..5fd48dbdc + - var_system_crypto_policy=fips diff --git a/products/almalinux8/profiles/default.profile b/products/almalinux8/profiles/default.profile new file mode 100644 -index 000000000..cbca10275 +index 000000000..912b50837 --- /dev/null +++ b/products/almalinux8/profiles/default.profile -@@ -0,0 +1,712 @@ +@@ -0,0 +1,718 @@ +documentation_complete: true + +hidden: true @@ -20662,6 +19871,12 @@ index 000000000..cbca10275 + - sebool_cluster_manage_all_files + - iptables_rules_for_open_ports + - dovecot_configure_ssl_key ++ - banner_etc_motd ++ - banner_etc_issue_net ++ - agent_mfetpd_running ++ - configure_bashrc_tmux ++ - configure_tmux_lock_keybinding ++ - package_mcafeetp_installed diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile new file mode 100644 index 000000000..491958fdd 
@@ -20994,7 +20209,7 @@ index 000000000..f4c77f241 + - audit_rules_usergroup_modification_shadow diff --git a/products/almalinux8/profiles/ism_o.profile b/products/almalinux8/profiles/ism_o.profile new file mode 100644 -index 000000000..aac055ee1 +index 000000000..2eee6cf30 --- /dev/null +++ b/products/almalinux8/profiles/ism_o.profile @@ -0,0 +1,139 @@ @@ -21101,7 +20316,7 @@ index 000000000..aac055ee1 + + ## Events to be logged + ## Identifiers 0580 / 0584 / 0582 / 0585 / 0586 / 0846 / 0957 -+ - display_login_attempts ++ - sshd_print_last_log + - sebool_auditadm_exec_content + - audit_rules_privileged_commands + - audit_rules_session_events @@ -21582,22 +20797,22 @@ index 000000000..094c14a62 + - zipl_page_poison_argument diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile new file mode 100644 -index 000000000..a27fdbd6f +index 000000000..522b22fe2 --- /dev/null +++ b/products/almalinux8/profiles/pci-dss.profile @@ -0,0 +1,59 @@ +documentation_complete: true + +metadata: -+ version: '4.0' ++ version: '4.0.1' + SMEs: + - marcusburghardt + - mab879 + - vojtapolasek + -+reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf ++reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf + -+title: 'PCI-DSS v4.0 Control Baseline for Red Hat Enterprise Linux 8' ++title: 'PCI-DSS v4.0.1 Control Baseline for Red Hat Enterprise Linux 8' + +description: |- + Payment Card Industry - Data Security Standard (PCI-DSS) is a set of @@ -21606,7 +20821,7 @@ index 000000000..a27fdbd6f + financial information. + + This profile ensures Red Hat Enterprise Linux 8 is configured in alignment -+ with PCI-DSS v4.0 requirements. ++ with PCI-DSS v4.0.1 requirements. + +selections: + - pcidss_4:all @@ -21853,14 +21068,14 @@ index 000000000..3c09d50d0 + - file_permissions_user_cfg 
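Review bot: In the ism_o.profile hunk, `sshd_print_last_log` replaces `display_login_attempts`, and the two rules do not cover the same logins. The SSH rule only affects sessions opened through sshd, while `display_login_attempts` is, as far as I know, the PAM-level last-login notice that also applies to console logins. If that narrowing is intended for AlmaLinux 8, a comment above the selection would record it, e.g. `# last-login notice via sshd only; console logins not covered`. Otherwise keep `- display_login_attempts` next to the new entry. The selections list continues outside the hunk.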
diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile new file mode 100644 -index 000000000..00e77054c +index 000000000..0ba423604 --- /dev/null +++ b/products/almalinux8/profiles/stig.profile -@@ -0,0 +1,1256 @@ +@@ -0,0 +1,1236 @@ +documentation_complete: true + +metadata: -+ version: V1R14 ++ version: V2R1 + SMEs: + - mab879 + - ggbecker @@ -21871,7 +21086,7 @@ index 000000000..00e77054c + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG for Red Hat Enterprise Linux 8 V1R14. ++ DISA STIG for Red Hat Enterprise Linux 8 V2R1. + + In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this + configuration baseline as applicable to the operating system tier of @@ -21951,10 +21166,6 @@ index 000000000..00e77054c + # RHEL-08-010000 + - installed_OS_is_vendor_supported + -+ # RHEL-08-010001 -+ - package_mcafeetp_installed -+ - agent_mfetpd_running -+ + # RHEL-08-010010 + - security_patches_up_to_date + @@ -22406,20 +21617,7 @@ index 000000000..00e77054c + + # RHEL-08-020035 + - logind_session_timeout -+ - var_logind_session_timeout=15_minutes -+ -+ # RHEL-08-020039 -+ - package_tmux_installed -+ -+ # RHEL-08-020040 -+ - configure_tmux_lock_command -+ - configure_tmux_lock_keybinding -+ -+ # RHEL-08-020041 -+ - configure_bashrc_tmux -+ -+ # RHEL-08-020042 -+ - no_tmux_in_shells ++ - var_logind_session_timeout=10_minutes + + # RHEL-08-020050 + - dconf_gnome_lock_screen_on_smartcard_removal @@ -22427,9 +21625,6 @@ index 000000000..00e77054c + # RHEL-08-020060 + - dconf_gnome_screensaver_idle_delay + -+ # RHEL-08-020070 -+ - configure_tmux_lock_after_time -+ + # RHEL-08-020080 + - dconf_gnome_screensaver_user_locks + @@ -23115,14 +22310,14 @@ index 000000000..00e77054c + - package_krb5-server_removed 
diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile new file mode 100644 -index 000000000..d05be9233 +index 000000000..9de6ac92b --- /dev/null +++ b/products/almalinux8/profiles/stig_gui.profile @@ -0,0 +1,51 @@ +documentation_complete: true + +metadata: -+ version: V1R14 ++ version: V2R1 + SMEs: + - mab879 + - ggbecker @@ -23133,7 +22328,7 @@ index 000000000..d05be9233 + +description: |- + This profile contains configuration checks that align to the -+ DISA STIG with GUI for Red Hat Enterprise Linux 8 V1R14. ++ DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R1. + + In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this + configuration baseline as applicable to the operating system tier of @@ -23287,10 +22482,10 @@ index 000000000..91af880dd + + diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -index 14a64dbbd..21d46b509 100644 +index 19129cc69..683721b2b 100644 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml -@@ -14,6 +14,7 @@ +@@ -15,6 +15,7 @@ multi_platform_ol multi_platform_rhcos multi_platform_rhel @@ -23298,36 +22493,36 @@ index 14a64dbbd..21d46b509 100644 multi_platform_rhv multi_platform_sle multi_platform_slmicro5 -diff --git a/shared/references/disa-stig-almalinux8-v1r13-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v1r13-xccdf-scap.xml +diff --git a/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml new file mode 120000 -index 000000000..ce9a5f344 +index 000000000..e83874f8c --- /dev/null -+++ b/shared/references/disa-stig-almalinux8-v1r13-xccdf-scap.xml ++++ b/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml 
@@ -0,0 +1 @@ -+disa-stig-rhel8-v1r13-xccdf-scap.xml ++disa-stig-rhel8-v2r1-xccdf-manual.xml \ No newline at end of file -diff --git a/shared/references/disa-stig-almalinux8-v1r14-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v1r14-xccdf-manual.xml +diff --git a/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml new file mode 120000 -index 000000000..f6292c450 +index 000000000..695c2b8c5 --- /dev/null -+++ b/shared/references/disa-stig-almalinux8-v1r14-xccdf-manual.xml ++++ b/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml 
@@ -0,0 +1 @@ -+disa-stig-rhel8-v1r14-xccdf-manual.xml ++disa-stig-rhel8-v2r1-xccdf-scap.xml \ No newline at end of file -diff --git a/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml -index 1d087be21..306818938 100644 ---- a/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml -+++ b/shared/references/disa-stig-ol7-v2r14-xccdf-manual.xml -@@ -934,7 +934,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us +diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml +index e83699662..1efabcf62 100644 +--- a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml ++++ b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml +@@ -917,7 +917,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us $ sudo grep -iw grub2_password /boot/grub2/user.cfg GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] --If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. -+If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. +-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. ++If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL07-00-010491Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. 
GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089V-99143SV-108247CCI-000213Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -946,7 +946,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not +@@ -929,7 +929,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command: 
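Review bot: The new side of the patch still rewrites `/boot/efi/EFI/redhat/user.cfg` to `/boot/efi/EFI/almalinux/user.cfg` inside `shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml`, so the Oracle Linux 7 fix text for OL07-00-010491 now names a path that belongs to another distribution. The files under `shared/references/` look like copies of the published DISA benchmarks, and an edited copy can no longer be compared against the published release; this is presumably the result of a tree-wide substitution rather than an intended change. The same hunk adds `disa-stig-almalinux8-v2r1-xccdf-manual.xml` as a symlink to the rhel8 file, and the later hunks for `disa-stig-rhel8-v2r1-xccdf-manual.xml` apply the same path change there, so the RHEL 8 reference is altered too. I would leave the ol7 and rhel8 files untouched and ship the AlmaLinux wording in a regular file under the almalinux8 name instead of a symlink.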
@@ -23335,8 +22530,8 @@ index 1d087be21..306818938 100644 +$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] - If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. -@@ -1838,7 +1838,7 @@ On BIOS-based machines, use the following command: + If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.SRG-OS-000104-GPOS-00051<GroupDescription></GroupDescription>OL07-00-010500The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.<VulnDiscussion>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. +@@ -1809,7 +1809,7 @@ On BIOS-based machines, use the following command: On UEFI-based machines, use the following command: 
@@ -23345,7 +22540,7 @@ index 1d087be21..306818938 100644 If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=<partition of /boot or /boot/efi> must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command: -@@ -1869,7 +1869,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm +@@ -1840,7 +1840,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command: 
@@ -23354,9 +22549,9 @@ index 1d087be21..306818938 100644 # grep fips /boot/grub2/grub.cfg /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet -@@ -1941,23 +1941,23 @@ An example rule that includes the "sha512" rule follows: +@@ -1912,23 +1912,23 @@ An example rule that includes the "sha512" rule follows: - If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. 
+ If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.SRG-OS-000364-GPOS-00151<GroupDescription></GroupDescription>OL07-00-021700The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.<VulnDiscussion>Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 7DISADPMS TargetOracle Linux 74089SV-108367V-99263CCI-001813Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.Verify the system is not configured to use a boot loader on removable media. -Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines. +Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines. 
@@ -23383,7 +22578,7 @@ index 1d087be21..306818938 100644 set root='hd0,gpt2' set root='hd0,gpt2' set root='hd0,gpt2' -@@ -4481,12 +4481,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} +@@ -4453,12 +4453,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD} Generate a new grub.cfg file with the following command: @@ -23398,10 +22593,10 @@ index 1d087be21..306818938 100644 set superusers="[someuniquestringhere]" export superusers -diff --git a/shared/references/disa-stig-ol8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r1-xccdf-manual.xml -index eb33a0297..deb9b8ec3 100644 ---- a/shared/references/disa-stig-ol8-v2r1-xccdf-manual.xml -+++ b/shared/references/disa-stig-ol8-v2r1-xccdf-manual.xml +diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml +index e159256ef..4939cfe13 100644 +--- a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml ++++ b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml 
@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 +diff --git a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml +index 662cf8848..6dc6f2517 100644 +--- a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml ++++ b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml +@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 5000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. 
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. + + Generate an encrypted grub2 password for the grub superusers account with the following command: + +@@ -384,7 +384,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable. ++$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. 
+ + Verify that a unique name is set as the "superusers" account: + +-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg ++$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg + set superusers="[someuniquestringhere]" + export superusers + +diff --git a/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml +index 4b581f4a0..31e165cbf 100644 +--- a/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml +@@ -2548,7 +2548,7 @@ SHA_CRYPT_MIN_ROUNDS 5000 2921 CCI-000213 @@ -23447,7 +22678,7 @@ index 2bb4af3b9..5fa087d7e 100644 Generate an encrypted grub2 password for the grub superusers account with the following command: -@@ -10268,7 +10268,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil +@@ -10130,7 +10130,8 @@ $ sudo systemctl restart systemd-logind The system is RHEL 8.3 or lower @@ -23457,7 +22688,7 @@ index 2bb4af3b9..5fa087d7e 100644 -@@ -10293,7 +10294,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil +@@ -10155,7 +10156,8 @@ $ sudo systemctl restart systemd-logind The RHEL 8 version is RHEL 8.2 or newer. @@ -23467,7 +22698,7 @@ index 2bb4af3b9..5fa087d7e 100644 External definition used to determine if the RHEL 8 version is RHEL 8.2 or newer for version applicability based requirements. -@@ -10306,7 +10308,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil +@@ -10168,7 +10170,8 @@ $ sudo systemctl restart systemd-logind IPv6 is disabled in the kernel. @@ -23477,7 +22708,7 @@ index 2bb4af3b9..5fa087d7e 100644 IPv6 is disabled in the kernel, either via a kernel cmdline option or sysctl. -@@ -10322,7 +10325,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil +@@ -10184,7 +10187,8 @@ $ sudo systemctl restart systemd-logind OpenSSH is installed. 
@@ -23487,7 +22718,7 @@ index 2bb4af3b9..5fa087d7e 100644 OpenSSH is installed -@@ -10334,7 +10338,8 @@ Note: To preserve running user programs such as tmux, uncomment and/or edit "Kil +@@ -10196,7 +10200,8 @@ $ sudo systemctl restart systemd-logind RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. @@ -23497,7 +22728,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated. -@@ -10351,7 +10356,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys +@@ -10213,7 +10218,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. @@ -23507,7 +22738,7 @@ index 2bb4af3b9..5fa087d7e 100644 Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. -@@ -10367,7 +10373,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10229,7 +10235,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. 
@@ -23517,7 +22748,7 @@ index 2bb4af3b9..5fa087d7e 100644 The system must use a strong hashing algorithm to store the password. -@@ -10381,7 +10388,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10243,7 +10250,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. @@ -23527,7 +22758,7 @@ index 2bb4af3b9..5fa087d7e 100644 The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy. -@@ -10396,15 +10404,16 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10258,15 +10266,16 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. @@ -23549,7 +22780,7 @@ index 2bb4af3b9..5fa087d7e 100644 -@@ -10412,7 +10421,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10274,7 +10283,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. 
@@ -23559,7 +22790,7 @@ index 2bb4af3b9..5fa087d7e 100644 If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu. -@@ -10428,7 +10438,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10290,7 +10300,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010160 - RHEL 8 operating systems must require authentication upon booting into rescue mode. @@ -23569,7 +22800,7 @@ index 2bb4af3b9..5fa087d7e 100644 If the system does not require valid root authentication before it boots into rescue mode, anyone who invokes rescue mode is granted privileged access to all files on the system. -@@ -10440,7 +10451,8 @@ Passwords need to be protected at all times, and encryption is the standard meth +@@ -10302,7 +10313,8 @@ Passwords need to be protected at all times, and encryption is the standard meth RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. @@ -23579,7 +22810,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -10460,7 +10472,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10322,7 +10334,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. 
@@ -23589,7 +22820,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -10480,7 +10493,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -10342,7 +10355,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010171 - RHEL 8 must have the policycoreutils package installed. @@ -23599,7 +22830,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. -@@ -10494,7 +10508,8 @@ Policycoreutils contains the policy core utilities that are required for basic o +@@ -10356,7 +10370,8 @@ Policycoreutils contains the policy core utilities that are required for basic o RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive. 
@@ -23609,7 +22840,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10508,7 +10523,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10370,7 +10385,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root. @@ -23619,7 +22850,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10522,7 +10538,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10384,7 +10400,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root. 
@@ -23629,7 +22860,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10536,7 +10553,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10398,7 +10415,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive. @@ -23639,7 +22870,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10550,7 +10568,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10412,7 +10430,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root. 
@@ -23649,7 +22880,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10564,7 +10583,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10426,7 +10445,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root. @@ -23659,7 +22890,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -10578,7 +10598,8 @@ The structure and content of error messages must be carefully considered by the +@@ -10440,7 +10460,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy. 
@@ -23669,7 +22900,7 @@ index 2bb4af3b9..5fa087d7e 100644 The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. -@@ -10594,7 +10615,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig +@@ -10456,7 +10477,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package. @@ -23679,7 +22910,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without cryptographic integrity protections, information can be altered by unauthorized users without detection. -@@ -10622,7 +10644,8 @@ RHEL 8 incorporates system-wide crypto policies by default. The employed algori +@@ -10484,7 +10506,8 @@ RHEL 8 incorporates system-wide crypto policies by default. The employed algori RHEL-08-010310 - RHEL 8 system commands must be owned by root. @@ -23689,7 +22920,7 @@ index 2bb4af3b9..5fa087d7e 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -10636,7 +10659,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -10498,7 +10521,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. 
@@ -23699,7 +22930,7 @@ index 2bb4af3b9..5fa087d7e 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -10650,7 +10674,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -10512,7 +10536,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. @@ -23709,7 +22940,7 @@ index 2bb4af3b9..5fa087d7e 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -10667,7 +10692,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -10529,7 +10554,8 @@ Verifying the authenticity of the software prior to installation validates the i RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. 
@@ -23719,7 +22950,7 @@ index 2bb4af3b9..5fa087d7e 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -10690,7 +10716,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10552,7 +10578,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks. @@ -23729,7 +22960,7 @@ index 2bb4af3b9..5fa087d7e 100644 Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. -@@ -10714,7 +10741,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10576,7 +10603,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks. 
@@ -23739,7 +22970,7 @@ index 2bb4af3b9..5fa087d7e 100644 Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions. -@@ -10739,7 +10767,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10601,7 +10629,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer. @@ -23749,7 +22980,7 @@ index 2bb4af3b9..5fa087d7e 100644 Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. -@@ -10765,7 +10794,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10627,7 +10656,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users. 
@@ -23759,7 +22990,7 @@ index 2bb4af3b9..5fa087d7e 100644 Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. -@@ -10792,7 +10822,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10654,7 +10684,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation. @@ -23769,7 +23000,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without reauthentication, users may access resources or perform tasks for which they do not have authorization. -@@ -10807,7 +10838,8 @@ When operating systems provide the capability to escalate a functional capabilit +@@ -10669,7 +10700,8 @@ When operating systems provide the capability to escalate a functional capabilit RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation. @@ -23779,7 +23010,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without reauthentication, users may access resources or perform tasks for which they do not have authorization. -@@ -10822,7 +10854,8 @@ When operating systems provide the capability to escalate a functional capabilit +@@ -10684,7 +10716,8 @@ When operating systems provide the capability to escalate a functional capabilit RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed. 
@@ -23789,7 +23020,7 @@ index 2bb4af3b9..5fa087d7e 100644 Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected. -@@ -10842,7 +10875,8 @@ This requirement only applies to components where this is specific to the functi +@@ -10704,7 +10737,8 @@ This requirement only applies to components where this is specific to the functi RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. @@ -23799,7 +23030,7 @@ index 2bb4af3b9..5fa087d7e 100644 Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism. -@@ -10865,7 +10899,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10727,7 +10761,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. 
@@ -23809,7 +23040,7 @@ index 2bb4af3b9..5fa087d7e 100644 Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system. -@@ -10877,7 +10912,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10739,7 +10774,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system. @@ -23819,7 +23050,7 @@ index 2bb4af3b9..5fa087d7e 100644 The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. -@@ -10889,7 +10925,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10751,7 +10787,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system. 
@@ -23829,7 +23060,7 @@ index 2bb4af3b9..5fa087d7e 100644 The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. -@@ -10901,7 +10938,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10763,7 +10800,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive. @@ -23839,7 +23070,7 @@ index 2bb4af3b9..5fa087d7e 100644 If a public host key file is modified by an unauthorized user, the SSH service may be compromised. -@@ -10914,7 +10952,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10776,7 +10814,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive. @@ -23849,7 +23080,7 @@ index 2bb4af3b9..5fa087d7e 100644 If an unauthorized user obtains the private SSH host key file, the host could be impersonated. -@@ -10927,7 +10966,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10789,7 +10828,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files. 
@@ -23859,7 +23090,7 @@ index 2bb4af3b9..5fa087d7e 100644 If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user. -@@ -10940,7 +10980,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10802,7 +10842,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known hosts authentication. @@ -23869,7 +23100,7 @@ index 2bb4af3b9..5fa087d7e 100644 Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere. -@@ -10953,7 +10994,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10815,7 +10856,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements. @@ -23879,7 +23110,7 @@ index 2bb4af3b9..5fa087d7e 100644 Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use Kerberos authentication, even in the event of misconfiguration elsewhere. -@@ -10966,7 +11008,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10828,7 +10870,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path. 
@@ -23889,7 +23120,7 @@ index 2bb4af3b9..5fa087d7e 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -10979,7 +11022,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10841,7 +10884,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory. @@ -23899,7 +23130,7 @@ index 2bb4af3b9..5fa087d7e 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -10992,7 +11036,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10854,7 +10898,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH. @@ -23909,7 +23140,7 @@ index 2bb4af3b9..5fa087d7e 100644 Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system. -@@ -11005,7 +11050,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10867,7 +10912,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010560 - The auditd service must be running in RHEL 8. 
@@ -23919,7 +23150,7 @@ index 2bb4af3b9..5fa087d7e 100644 Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -11020,7 +11066,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10882,7 +10928,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010561 - The rsyslog service must be running in RHEL 8. @@ -23929,7 +23160,7 @@ index 2bb4af3b9..5fa087d7e 100644 Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -11035,12 +11082,13 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10897,12 +10944,13 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory. @@ -23945,7 +23176,7 @@ index 2bb4af3b9..5fa087d7e 100644 -@@ -11051,7 +11099,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10913,7 +10961,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions. 
@@ -23955,7 +23186,7 @@ index 2bb4af3b9..5fa087d7e 100644 The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. The only legitimate location for device files is the /dev directory located on the root partition. -@@ -11064,7 +11113,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10926,7 +10975,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS). @@ -23965,7 +23196,7 @@ index 2bb4af3b9..5fa087d7e 100644 The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -11077,7 +11127,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10939,7 +10989,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS). 
@@ -23975,7 +23206,7 @@ index 2bb4af3b9..5fa087d7e 100644 The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -11090,7 +11141,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10952,7 +11003,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). @@ -23985,7 +23216,7 @@ index 2bb4af3b9..5fa087d7e 100644 The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access. -@@ -11103,7 +11155,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -10965,7 +11017,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern. 
@@ -23995,7 +23226,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -11124,7 +11177,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -10986,7 +11039,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010673 - RHEL 8 must disable core dumps for all users. @@ -24005,7 +23236,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -11139,7 +11193,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11001,7 +11055,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010674 - RHEL 8 must disable storing core dumps. @@ -24015,7 +23246,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -11153,7 +11208,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11015,7 +11070,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010675 - RHEL 8 must disable core dump backtraces. 
@@ -24025,7 +23256,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -11167,7 +11223,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11029,7 +11085,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation @@ -24035,7 +23266,7 @@ index 2bb4af3b9..5fa087d7e 100644 If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own. -@@ -11179,7 +11236,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11041,7 +11098,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables. @@ -24045,7 +23276,7 @@ index 2bb4af3b9..5fa087d7e 100644 SSH environment options potentially allow users to bypass access restriction in some configurations. -@@ -11192,7 +11250,8 @@ A core dump includes a memory image taken at the time the operating system termi +@@ -11054,7 +11112,8 @@ A core dump includes a memory image taken at the time the operating system termi RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. 
@@ -24055,7 +23286,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11216,7 +11275,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11078,7 +11137,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. @@ -24065,7 +23296,7 @@ index 2bb4af3b9..5fa087d7e 100644 In RHEL 8.2 the "/etc/security/faillock.conf" file was incorporated to centralize the configuration of the pam_faillock.so module. Also introduced is a "local_users_only" option that will only track failed user authentication attempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users to allow the centralized platform to solely manage user lockout. -@@ -11231,7 +11291,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11093,7 +11153,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. @@ -24075,7 +23306,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11251,7 +11312,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11113,7 +11174,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. 
@@ -24085,7 +23316,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11268,7 +11330,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11130,7 +11192,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -24095,7 +23326,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11290,7 +11353,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11152,7 +11215,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -24105,7 +23336,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11307,7 +11371,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11169,7 +11233,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. 
@@ -24115,7 +23346,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11327,7 +11392,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11189,7 +11254,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. @@ -24125,7 +23356,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11344,7 +11410,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11206,7 +11272,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur. @@ -24135,7 +23366,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11364,7 +11431,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11226,7 +11293,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020021 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. 
@@ -24145,7 +23376,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11381,7 +11449,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo +@@ -11243,7 +11311,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. @@ -24155,7 +23386,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11401,7 +11470,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc +@@ -11263,7 +11332,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. 
@@ -24165,17 +23396,7 @@ index 2bb4af3b9..5fa087d7e 100644 By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account. -@@ -11418,7 +11488,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo - - RHEL-08-020042 - RHEL 8 must prevent users from disabling session control mechanisms. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -11434,7 +11505,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, +@@ -11280,7 +11350,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow. @@ -24185,7 +23406,7 @@ index 2bb4af3b9..5fa087d7e 100644 Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. -@@ -11447,7 +11519,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, +@@ -11293,7 +11364,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/logins.def. 
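Review bot: The first hunk on this line removes the inner hunk that added `AlmaLinux 8` to the platform list of RHEL-08-020042 (users must not be able to disable session control mechanisms), and nothing visible in the change explains why. The inner hunks that follow switch their context text from `Tmux is a terminal multiplexer…` to `From "faillock.conf" man pages…`, which suggests the entry is gone from the rebased upstream file rather than dropped by mistake; that is inferred from the hunk headers only. I would record the reason in the patch description, for example `Drop RHEL-08-020042 hunk: entry no longer present in the rebased upstream file`. It is also worth confirming that the AlmaLinux 8 content still carries a session-lock requirement elsewhere, so the refresh does not silently narrow coverage.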
@@ -24195,7 +23416,7 @@ index 2bb4af3b9..5fa087d7e 100644 Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse. -@@ -11459,7 +11532,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, +@@ -11305,7 +11377,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction. @@ -24205,7 +23426,7 @@ index 2bb4af3b9..5fa087d7e 100644 Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. -@@ -11471,7 +11545,8 @@ Tmux is a terminal multiplexer that enables a number of terminals to be created, +@@ -11317,7 +11390,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters. @@ -24215,7 +23436,7 @@ index 2bb4af3b9..5fa087d7e 100644 The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. -@@ -11487,7 +11562,8 @@ The DoD minimum password requirement is 15 characters. +@@ -11333,7 +11407,8 @@ The DoD minimum password requirement is 15 characters. RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity. 
@@ -24225,7 +23446,7 @@ index 2bb4af3b9..5fa087d7e 100644 Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained. -@@ -11501,7 +11577,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers +@@ -11347,7 +11422,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers RHEL-08-021400 - RHEL 8 must prevent the use of dictionary words for passwords. @@ -24235,7 +23456,7 @@ index 2bb4af3b9..5fa087d7e 100644 If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks. -@@ -11513,7 +11590,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers +@@ -11359,7 +11435,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. @@ -24245,7 +23466,7 @@ index 2bb4af3b9..5fa087d7e 100644 Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements. -@@ -11527,7 +11605,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11373,7 +11450,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020330 - RHEL 8 must not have accounts configured with blank or null passwords. 
@@ -24255,7 +23476,7 @@ index 2bb4af3b9..5fa087d7e 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -11539,7 +11618,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11385,7 +11463,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon. @@ -24265,7 +23486,7 @@ index 2bb4af3b9..5fa087d7e 100644 Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use. -@@ -11552,7 +11632,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11398,7 +11477,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. @@ -24275,7 +23496,7 @@ index 2bb4af3b9..5fa087d7e 100644 Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access. -@@ -11564,7 +11645,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11410,7 +11490,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software. 
@@ -24285,7 +23506,7 @@ index 2bb4af3b9..5fa087d7e 100644 Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat. -@@ -11580,7 +11662,8 @@ Configuration settings are the set of parameters that can be changed in hardware +@@ -11426,7 +11507,8 @@ Configuration settings are the set of parameters that can be changed in hardware RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event. @@ -24295,7 +23516,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. -@@ -11596,7 +11679,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i +@@ -11442,7 +11524,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs. 
@@ -24305,7 +23526,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected. -@@ -11612,7 +11696,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i +@@ -11458,7 +11541,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full. @@ -24315,7 +23536,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode. -@@ -11630,7 +11715,8 @@ When availability is an overriding concern, other approved actions in response t +@@ -11476,7 +11560,8 @@ When availability is an overriding concern, other approved actions in response t RHEL-08-030061 - The RHEL 8 audit system must audit local events. @@ -24325,7 +23546,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11644,7 +11730,8 @@ Audit record content that may be necessary to satisfy this requirement includes, +@@ -11490,7 +11575,8 @@ Audit record content that may be necessary to satisfy this requirement includes, RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server. 
@@ -24335,7 +23556,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11662,7 +11749,8 @@ When audit logs are not labeled before they are sent to a central log server, th +@@ -11508,7 +11594,8 @@ When audit logs are not labeled before they are sent to a central log server, th RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. @@ -24345,7 +23566,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11678,7 +11766,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s +@@ -11524,7 +11611,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access. @@ -24355,7 +23576,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -11692,7 +11781,8 @@ The structure and content of error messages must be carefully considered by the +@@ -11538,7 +11626,8 @@ The structure and content of error messages must be carefully considered by the RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access. 
@@ -24365,7 +23586,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11706,7 +11796,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11552,7 +11641,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access. @@ -24375,7 +23596,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11720,7 +11811,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11566,7 +11656,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access. @@ -24385,7 +23606,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11734,7 +11826,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11580,7 +11671,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. 
@@ -24395,7 +23616,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11748,7 +11841,8 @@ Audit information includes all information (e.g., audit records, audit settings, +@@ -11594,7 +11686,8 @@ Audit information includes all information (e.g., audit records, audit settings, RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. @@ -24405,7 +23626,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11764,7 +11858,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system +@@ -11610,7 +11703,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. @@ -24415,7 +23636,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. -@@ -11780,7 +11875,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system +@@ -11626,7 +11720,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. 
@@ -24425,7 +23646,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11795,7 +11891,8 @@ Audit records can be generated from various components within the information sy +@@ -11641,7 +11736,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. @@ -24435,7 +23656,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11810,7 +11907,8 @@ Audit records can be generated from various components within the information sy +@@ -11656,7 +11752,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. 
@@ -24445,7 +23666,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11825,7 +11923,8 @@ Audit records can be generated from various components within the information sy +@@ -11671,7 +11768,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. @@ -24455,7 +23676,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11840,7 +11939,8 @@ Audit records can be generated from various components within the information sy +@@ -11686,7 +11784,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. @@ -24465,7 +23686,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11855,7 +11955,8 @@ Audit records can be generated from various components within the information sy +@@ -11701,7 +11800,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. 
@@ -24475,7 +23696,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11870,7 +11971,8 @@ Audit records can be generated from various components within the information sy +@@ -11716,7 +11816,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/. @@ -24485,7 +23706,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11885,7 +11987,8 @@ Audit records can be generated from various components within the information sy +@@ -11731,7 +11832,8 @@ Audit records can be generated from various components within the information sy RHEL-08-030180 - The RHEL 8 audit package must be installed. @@ -24495,7 +23716,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. -@@ -11901,7 +12004,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea +@@ -11747,7 +11849,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record. 
@@ -24505,7 +23726,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11918,7 +12022,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11764,7 +11867,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr system calls. @@ -24515,7 +23736,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11965,7 +12070,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -11811,7 +11915,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record @@ -24525,7 +23746,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -11984,7 +12090,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO +@@ -11830,7 +11935,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record 
@@ -24535,7 +23756,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12003,7 +12110,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO +@@ -11849,7 +11955,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record. @@ -24545,7 +23766,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12020,7 +12128,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11866,7 +11973,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record. @@ -24555,7 +23776,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12037,7 +12146,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11883,7 +11991,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record. 
@@ -24565,7 +23786,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12054,7 +12164,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11900,7 +12009,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record. @@ -24575,7 +23796,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12071,7 +12182,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11917,7 +12027,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record. @@ -24585,7 +23806,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12089,7 +12201,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11935,7 +12046,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record. 
@@ -24595,7 +23816,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12106,7 +12219,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11952,7 +12064,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. @@ -24605,7 +23826,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12123,7 +12237,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11969,7 +12082,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. @@ -24615,7 +23836,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12140,7 +12255,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -11986,7 +12100,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record. @@ -24625,7 +23846,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12157,7 +12273,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12003,7 +12118,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record. 
@@ -24635,7 +23856,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12174,7 +12291,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12020,7 +12136,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record. @@ -24645,7 +23866,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12191,7 +12309,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12037,7 +12154,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record. @@ -24655,7 +23876,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12208,7 +12327,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12054,7 +12172,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record. @@ -24665,7 +23886,7 @@ index 2bb4af3b9..5fa087d7e 100644 Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. -@@ -12225,7 +12345,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12071,7 +12190,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record. 
@@ -24675,7 +23896,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12242,7 +12363,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12088,7 +12208,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record. @@ -24685,7 +23906,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12259,7 +12381,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12105,7 +12226,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. @@ -24695,7 +23916,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12276,7 +12399,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12122,7 +12244,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record. 
@@ -24705,7 +23926,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12293,7 +12417,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12139,7 +12262,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module command system calls in RHEL 8 must generate an audit record. @@ -24715,7 +23936,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12315,7 +12440,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12161,7 +12285,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat and unlinkat commandsystem calls in RHEL 8 must generate an audit record. @@ -24725,7 +23946,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12346,7 +12472,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12192,7 +12317,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record. 
@@ -24735,7 +23956,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12363,7 +12490,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12209,7 +12335,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record. @@ -24745,7 +23966,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12381,7 +12509,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12227,7 +12354,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record. @@ -24755,7 +23976,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12398,7 +12527,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12244,7 +12372,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record. 
@@ -24765,7 +23986,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12415,7 +12545,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12261,7 +12390,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record. @@ -24775,7 +23996,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12460,7 +12591,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12306,7 +12436,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat and lchown system calls in RHEL 8 must generate an audit record. @@ -24785,7 +24006,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12489,7 +12621,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12335,7 +12466,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod and fchmodat system calls in RHEL 8 must generate an audit record. 
@@ -24795,7 +24016,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12514,7 +12647,8 @@ The system call rules are loaded into a matching engine that intercepts each sys +@@ -12360,7 +12492,8 @@ The system call rules are loaded into a matching engine that intercepts each sys RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. @@ -24805,7 +24026,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12531,7 +12665,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12377,7 +12510,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record. @@ -24815,7 +24036,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12548,7 +12683,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12394,7 +12528,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record. 
@@ -24825,7 +24046,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12565,7 +12701,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut +@@ -12411,7 +12546,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record. @@ -24835,7 +24056,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12592,7 +12729,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12438,7 +12574,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record. @@ -24845,7 +24066,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12619,7 +12757,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12465,7 +12602,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. 
@@ -24855,7 +24076,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. -@@ -12632,7 +12771,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record +@@ -12478,7 +12616,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive. @@ -24865,7 +24086,7 @@ index 2bb4af3b9..5fa087d7e 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12648,7 +12788,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12494,7 +12633,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030630 - RHEL 8 audit tools must be owned by root. @@ -24875,7 +24096,7 @@ index 2bb4af3b9..5fa087d7e 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12664,7 +12805,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12510,7 +12650,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root. 
@@ -24885,7 +24106,7 @@ index 2bb4af3b9..5fa087d7e 100644 Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information. -@@ -12680,7 +12822,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud +@@ -12526,7 +12667,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed. @@ -24895,7 +24116,7 @@ index 2bb4af3b9..5fa087d7e 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -12703,7 +12846,8 @@ Note that a port number was given as there is no standard port for RELP. RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full. @@ -24905,7 +24126,7 @@ index 2bb4af3b9..5fa087d7e 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -12719,7 +12863,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p +@@ -12565,7 +12708,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. @@ -24915,7 +24136,7 @@ index 2bb4af3b9..5fa087d7e 100644 If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion. -@@ -12731,7 +12876,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p +@@ -12577,7 +12721,8 @@ RHEL 8 installation media provides "rsyslogd". "rsyslogd" is a system utility p RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server. 
@@ -24925,7 +24146,7 @@ index 2bb4af3b9..5fa087d7e 100644 Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. -@@ -12749,7 +12895,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc +@@ -12595,7 +12740,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. @@ -24935,7 +24156,7 @@ index 2bb4af3b9..5fa087d7e 100644 Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate. -@@ -12767,7 +12914,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc +@@ -12613,7 +12759,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. 
@@ -24945,7 +24166,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12789,7 +12937,8 @@ If a privileged user were to log on using this service, the privileged user pass +@@ -12635,7 +12782,8 @@ If a privileged user were to log on using this service, the privileged user pass RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed. @@ -24955,7 +24176,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12807,7 +12956,8 @@ Verify the operating system is configured to disable non-essential capabilities. +@@ -12653,7 +12801,8 @@ Verify the operating system is configured to disable non-essential capabilities. RHEL-08-040002 - RHEL 8 must not have the sendmail package installed. @@ -24965,7 +24186,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12825,7 +12975,8 @@ Verify the operating system is configured to disable non-essential capabilities. +@@ -12671,7 +12820,8 @@ Verify the operating system is configured to disable non-essential capabilities. RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed. 
@@ -24975,7 +24196,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -12843,7 +12994,8 @@ If a privileged user were to log on using this service, the privileged user pass +@@ -12689,7 +12839,8 @@ If a privileged user were to log on using this service, the privileged user pass RHEL-08-040060 - RHEL 8 must enforce SSHv2 for network access to all accounts. @@ -24985,7 +24206,7 @@ index 2bb4af3b9..5fa087d7e 100644 A replay attack may enable an unauthorized user to gain access to RHEL 8. Authentication sessions between the authenticator and RHEL 8 validating the user credentials must not be vulnerable to a replay attack. -@@ -12864,7 +13016,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe +@@ -12710,7 +12861,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option. @@ -24995,7 +24216,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12883,7 +13036,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12729,7 +12881,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option. 
@@ -25005,7 +24226,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12900,7 +13054,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12746,7 +12899,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option. @@ -25015,7 +24236,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12919,7 +13074,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12765,7 +12919,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option. @@ -25025,7 +24246,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12939,7 +13095,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12785,7 +12940,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option. 
@@ -25035,7 +24256,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12957,7 +13114,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12803,7 +12959,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option. @@ -25045,7 +24266,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12977,7 +13135,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12823,7 +12980,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option. @@ -25055,7 +24276,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -12997,7 +13156,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12843,7 +13001,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option. 
@@ -25065,7 +24286,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13017,7 +13177,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12863,7 +13022,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option. @@ -25075,7 +24296,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13037,7 +13198,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12883,7 +13043,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option. @@ -25085,7 +24306,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13057,7 +13219,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12903,7 +13064,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option. 
@@ -25095,7 +24316,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13077,7 +13240,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12923,7 +13085,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option. @@ -25105,7 +24326,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13097,7 +13261,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12943,7 +13106,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option. @@ -25115,7 +24336,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13116,7 +13281,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12962,7 +13126,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option. 
@@ -25125,7 +24346,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13135,7 +13301,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -12981,7 +13146,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option. @@ -25135,7 +24356,7 @@ index 2bb4af3b9..5fa087d7e 100644 The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. -@@ -13154,7 +13321,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" +@@ -13000,7 +13166,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid" RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. @@ -25145,7 +24366,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. -@@ -13171,7 +13339,8 @@ Protecting the confidentiality and integrity of organizational information can b +@@ -13017,7 +13184,8 @@ Protecting the confidentiality and integrity of organizational information can b RHEL 8 must force a frequent session key renegotiation for SSH connections to the server. 
@@ -25155,7 +24376,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. -@@ -13190,7 +13359,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13036,7 +13204,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. @@ -25165,7 +24386,7 @@ index 2bb4af3b9..5fa087d7e 100644 A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. -@@ -13202,7 +13372,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13048,7 +13217,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support. 
@@ -25175,7 +24396,7 @@ index 2bb4af3b9..5fa087d7e 100644 If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established. -@@ -13214,7 +13385,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13060,7 +13230,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system. @@ -25185,7 +24406,7 @@ index 2bb4af3b9..5fa087d7e 100644 If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account. -@@ -13226,7 +13398,8 @@ Session key regeneration limits the chances of a session key becoming compromise +@@ -13072,7 +13243,8 @@ Session key regeneration limits the chances of a session key becoming compromise RHEL-08-040210 - RHEL 8 must prevent Internet Control Message Protocol (ICMP) redirect messages from being accepted. @@ -25195,7 +24416,7 @@ index 2bb4af3b9..5fa087d7e 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. -@@ -13250,7 +13423,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13096,7 +13268,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects. 
@@ -25205,7 +24426,7 @@ index 2bb4af3b9..5fa087d7e 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. -@@ -13273,7 +13447,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13119,7 +13292,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. @@ -25215,7 +24436,7 @@ index 2bb4af3b9..5fa087d7e 100644 Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks. -@@ -13296,7 +13471,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13142,7 +13316,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040240 - RHEL 8 must not forward source-routed packets. @@ -25225,7 +24446,7 @@ index 2bb4af3b9..5fa087d7e 100644 Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. -@@ -13320,7 +13496,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13166,7 +13341,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040250 - RHEL 8 must not forward source-routed packets by default. 
@@ -25235,7 +24456,7 @@ index 2bb4af3b9..5fa087d7e 100644 Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router. -@@ -13344,7 +13521,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13190,7 +13366,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040260 - RHEL 8 must not be performing packet forwarding unless the system is a router. @@ -25245,7 +24466,7 @@ index 2bb4af3b9..5fa087d7e 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13368,7 +13546,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13214,7 +13391,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces. @@ -25255,7 +24476,7 @@ index 2bb4af3b9..5fa087d7e 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13394,7 +13573,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13240,7 +13418,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default. 
@@ -25265,7 +24486,7 @@ index 2bb4af3b9..5fa087d7e 100644 Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network. -@@ -13420,7 +13600,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13266,7 +13445,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. @@ -25275,7 +24496,7 @@ index 2bb4af3b9..5fa087d7e 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. -@@ -13443,7 +13624,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13289,7 +13469,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. @@ -25285,7 +24506,7 @@ index 2bb4af3b9..5fa087d7e 100644 ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack. -@@ -13467,7 +13649,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13313,7 +13494,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes. 
@@ -25295,7 +24516,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13488,7 +13671,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13334,7 +13516,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes. @@ -25305,7 +24526,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13509,7 +13693,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13355,7 +13538,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access. @@ -25315,7 +24536,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13530,7 +13715,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13376,7 +13560,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040284 - RHEL 8 must disable the use of user namespaces. 
@@ -25325,7 +24546,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13551,7 +13737,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13397,7 +13582,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. @@ -25335,7 +24556,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13572,7 +13759,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13418,7 +13604,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying. @@ -25345,7 +24566,7 @@ index 2bb4af3b9..5fa087d7e 100644 If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity. -@@ -13585,7 +13773,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13431,7 +13618,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements. 
@@ -25355,7 +24576,7 @@ index 2bb4af3b9..5fa087d7e 100644 The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding. A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a ''no'' setting. X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled. -@@ -13600,7 +13789,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13446,7 +13634,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display. @@ -25365,7 +24586,7 @@ index 2bb4af3b9..5fa087d7e 100644 When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display. -@@ -13613,7 +13803,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13459,7 +13648,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. 
@@ -25375,7 +24596,7 @@ index 2bb4af3b9..5fa087d7e 100644 Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files. -@@ -13626,7 +13817,8 @@ If X11 services are not required for the system's intended function, they should +@@ -13472,7 +13662,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8. @@ -25385,17 +24606,7 @@ index 2bb4af3b9..5fa087d7e 100644 The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service. -@@ -13638,7 +13830,8 @@ If X11 services are not required for the system's intended function, they should - - RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. - -@@ -13654,7 +13847,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose +@@ -13484,7 +13675,8 @@ If X11 services are not required for the system's intended function, they should RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8. 
@@ -25405,7 +24616,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13670,7 +13864,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI +@@ -13500,7 +13692,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8. @@ -25415,7 +24626,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13686,7 +13881,8 @@ The tuned package contains a daemon that tunes the system settings dynamically. +@@ -13516,7 +13709,8 @@ The tuned package contains a daemon that tunes the system settings dynamically. RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed. @@ -25425,7 +24636,7 @@ index 2bb4af3b9..5fa087d7e 100644 Information stored in one location is vulnerable to accidental or incidental deletion or alteration. -@@ -13709,7 +13905,8 @@ Note that a port number was given as there is no standard port for RELP. RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. 
@@ -25435,7 +24646,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -13728,7 +13925,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -13558,7 +13753,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel. @@ -25445,7 +24656,7 @@ index 2bb4af3b9..5fa087d7e 100644 The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system. -@@ -13741,7 +13939,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -13571,7 +13767,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo". 
@@ -25455,7 +24666,7 @@ index 2bb4af3b9..5fa087d7e 100644 The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. For more information on each of the listed configurations, reference the sudoers(5) manual page. -@@ -13765,7 +13964,8 @@ For more information on each of the listed configurations, reference the sudoers +@@ -13595,7 +13792,8 @@ For more information on each of the listed configurations, reference the sudoers RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command. @@ -25465,17 +24676,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without re-authentication, users may access resources or perform tasks for which they do not have authorization. -@@ -13781,7 +13981,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex - - RHEL-08-020331 - RHEL 8 must not allow blank or null passwords in the system-auth file. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. - -@@ -13793,7 +13994,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex +@@ -13611,7 +13809,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file. 
@@ -25485,7 +24686,7 @@ index 2bb4af3b9..5fa087d7e 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -13805,7 +14007,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex +@@ -13623,7 +13822,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler. @@ -25495,7 +24696,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -13828,7 +14031,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13646,7 +13846,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords. @@ -25505,7 +24706,7 @@ index 2bb4af3b9..5fa087d7e 100644 If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments. -@@ -13840,7 +14044,8 @@ The sysctl --system command will load settings from all system configuration fil +@@ -13658,7 +13859,8 @@ The sysctl --system command will load settings from all system configuration fil RHEL-08-010000 - RHEL 8 must be a vendor-supported release. 
@@ -25515,7 +24716,7 @@ index 2bb4af3b9..5fa087d7e 100644 An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. -@@ -13855,7 +14060,8 @@ Note: The life-cycle time spans and dates are subject to adjustment. RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. @@ -25525,7 +24726,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated. -@@ -13873,7 +14079,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO +@@ -13691,7 +13894,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. 
@@ -25535,7 +24736,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -13889,7 +14096,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -13707,7 +13911,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements. @@ -25545,7 +24746,7 @@ index 2bb4af3b9..5fa087d7e 100644 Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element. -@@ -13907,7 +14115,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO +@@ -13725,7 +13930,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive. 
@@ -25555,7 +24756,7 @@ index 2bb4af3b9..5fa087d7e 100644 If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. -@@ -13921,7 +14130,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a +@@ -13739,7 +13945,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. @@ -25565,7 +24766,7 @@ index 2bb4af3b9..5fa087d7e 100644 Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. -@@ -13937,7 +14147,8 @@ Verifying the authenticity of the software prior to installation validates the i +@@ -13755,7 +13962,8 @@ Verifying the authenticity of the software prior to installation validates the i RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. 
@@ -25575,7 +24776,7 @@ index 2bb4af3b9..5fa087d7e 100644 Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. -@@ -13951,7 +14162,8 @@ This requirement applies to operating systems performing security function verif +@@ -13769,7 +13977,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-010540 - RHEL 8 must use a separate file system for /var. @@ -25585,7 +24786,7 @@ index 2bb4af3b9..5fa087d7e 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -13963,7 +14175,8 @@ This requirement applies to operating systems performing security function verif +@@ -13781,7 +13990,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log. @@ -25595,7 +24796,7 @@ index 2bb4af3b9..5fa087d7e 100644 The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing. -@@ -13975,7 +14188,8 @@ This requirement applies to operating systems performing security function verif +@@ -13793,7 +14003,8 @@ This requirement applies to operating systems performing security function verif RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. 
@@ -25605,17 +24806,7 @@ index 2bb4af3b9..5fa087d7e 100644 Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks. -@@ -13989,7 +14203,8 @@ This requirement addresses concurrent sessions for information system accounts a - - RHEL-08-020040 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for command line sessions. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence. - -@@ -14007,7 +14222,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011 +@@ -13807,7 +14018,8 @@ This requirement addresses concurrent sessions for information system accounts a RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file. @@ -25625,7 +24816,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. -@@ -14023,7 +14239,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This +@@ -13823,7 +14035,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used. 
@@ -25635,7 +24826,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14039,7 +14256,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th +@@ -13839,7 +14052,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used. @@ -25645,7 +24836,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14055,7 +14273,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th +@@ -13855,7 +14069,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used. @@ -25655,7 +24846,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14071,7 +14290,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note +@@ -13871,7 +14086,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. 
@@ -25665,7 +24856,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14087,7 +14307,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -13887,7 +14103,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed. @@ -25675,7 +24866,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14103,7 +14324,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -13903,7 +14120,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed. @@ -25685,7 +24876,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14119,7 +14341,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -13919,7 +14137,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed. 
@@ -25695,7 +24886,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14135,7 +14358,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " +@@ -13935,7 +14154,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime. @@ -25705,17 +24896,7 @@ index 2bb4af3b9..5fa087d7e 100644 Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised. -@@ -14147,7 +14371,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " - - RHEL-08-020220 - RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations. - -- Red Hat Enterprise Linux 8 -+ Red Hat Enterprise Linux 8 -+AlmaLinux 8 - - Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements. - -@@ -14165,7 +14390,8 @@ Note that manual changes to the listed files may be overwritten by the "authsele +@@ -13947,7 +14167,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The " RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters. 
@@ -25725,7 +24906,7 @@ index 2bb4af3b9..5fa087d7e 100644 The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. -@@ -14185,7 +14411,8 @@ The DoD minimum password requirement is 15 characters. +@@ -13967,7 +14188,8 @@ The DoD minimum password requirement is 15 characters. RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character. @@ -25735,7 +24916,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. -@@ -14201,7 +14428,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note +@@ -13983,7 +14205,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day. @@ -25745,7 +24926,7 @@ index 2bb4af3b9..5fa087d7e 100644 If cached authentication information is out-of-date, the validity of the authentication information may be questionable. -@@ -14215,7 +14443,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir +@@ -13997,7 +14220,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon. 
@@ -25755,7 +24936,7 @@ index 2bb4af3b9..5fa087d7e 100644 Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use. -@@ -14227,7 +14456,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir +@@ -14009,7 +14233,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access. @@ -25765,7 +24946,7 @@ index 2bb4af3b9..5fa087d7e 100644 Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives. -@@ -14243,7 +14473,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO +@@ -14025,7 +14250,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol. @@ -25775,7 +24956,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14259,7 +14490,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li +@@ -14041,7 +14267,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol. 
@@ -25785,7 +24966,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14275,7 +14507,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was +@@ -14057,7 +14284,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP). @@ -25795,7 +24976,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14291,7 +14524,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d +@@ -14073,7 +14301,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. @@ -25805,7 +24986,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14307,7 +14541,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi +@@ -14089,7 +14318,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi RHEL-08-040025 - RHEL 8 must disable mounting of cramfs. 
@@ -25815,7 +24996,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14323,7 +14558,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f +@@ -14105,7 +14335,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support. @@ -25825,7 +25006,7 @@ index 2bb4af3b9..5fa087d7e 100644 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. -@@ -14337,7 +14573,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu +@@ -14119,7 +14350,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage. @@ -25835,7 +25016,7 @@ index 2bb4af3b9..5fa087d7e 100644 USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. -@@ -14351,7 +14588,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163 +@@ -14133,7 +14365,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163 RHEL-08-040111 - RHEL 8 Bluetooth must be disabled. 
@@ -25845,7 +25026,17 @@ index 2bb4af3b9..5fa087d7e 100644 Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system. -@@ -14367,7 +14605,8 @@ Protecting the confidentiality and integrity of communications with wireless per +@@ -14149,7 +14382,8 @@ Protecting the confidentiality and integrity of communications with wireless per + + RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8. + +- Red Hat Enterprise Linux 8 ++ Red Hat Enterprise Linux 8 ++AlmaLinux 8 + + It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. + +@@ -14165,7 +14399,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. @@ -25855,7 +25046,7 @@ index 2bb4af3b9..5fa087d7e 100644 Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. -@@ -14383,7 +14622,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access +@@ -14181,7 +14416,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access RHEL-08-020102 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less. 
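Review bot: The inner hunk added here for RHEL-08-040370 replaces the single `Red Hat Enterprise Linux 8` entry with that entry plus `AlmaLinux 8`, inside what appears to be a DISA-published reference benchmark. The file header for this section lies outside this part of the diff, so the path is inferred. After the patch the reference no longer matches the copy DISA distributes, and nothing in the patch records that this is intentional. I would add a line to the patch description such as `DISA reference XML under shared/references is modified to list AlmaLinux 8 as a platform; it intentionally differs from the published benchmark`, so that a later comparison against upstream or a regeneration after a STIG update does not treat the difference as corruption.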
@@ -25865,7 +25056,7 @@ index 2bb4af3b9..5fa087d7e 100644 Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system. -@@ -14401,7 +14641,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -14199,7 +14435,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi RHEL-08-020035 - RHEL 8 must terminate idle user sessions. @@ -25875,7 +25066,7 @@ index 2bb4af3b9..5fa087d7e 100644 Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. -@@ -14645,15 +14886,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -14439,15 +14676,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi @@ -25894,7 +25085,7 @@ index 2bb4af3b9..5fa087d7e 100644 -@@ -16481,18 +16722,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -16259,18 +16496,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b 1 @@ -25919,7 +25110,7 @@ index 2bb4af3b9..5fa087d7e 100644 /boot/grub2/grub.cfg -@@ -18992,7 +19233,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi +@@ -18753,7 +18990,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi RHEL 8 is installed 
@@ -25929,47 +25120,11 @@ index 2bb4af3b9..5fa087d7e 100644 RHEL 8 is installed -diff --git a/shared/references/disa-stig-rhel8-v1r14-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r14-xccdf-manual.xml -index 89b69d69d..cf9365113 100644 ---- a/shared/references/disa-stig-rhel8-v1r14-xccdf-manual.xml -+++ b/shared/references/disa-stig-rhel8-v1r14-xccdf-manual.xml -@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 5000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file. 
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file. - - Generate an encrypted grub2 password for the grub superusers account with the following command: - -@@ -384,7 +384,7 @@ Confirm password:For systems that use BIOS, this is Not Applicable. -+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfgFor systems that use BIOS, this is Not Applicable. 
- - Verify that a unique name is set as the "superusers" account: - --$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg -+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg - set superusers="[someuniquestringhere]" - export superusers - -diff --git a/shared/references/disa-stig-rhel9-v1r1-xccdf-scap.xml b/shared/references/disa-stig-rhel9-v1r1-xccdf-scap.xml -index c14013393..fe7d48d2c 100644 ---- a/shared/references/disa-stig-rhel9-v1r1-xccdf-scap.xml -+++ b/shared/references/disa-stig-rhel9-v1r1-xccdf-scap.xml -@@ -20991,7 +20991,7 @@ include "/etc/crypto-policies/back-ends/bind.config"; +diff --git a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml +index 1c187bcb8..3b5dc3363 100644 +--- a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml ++++ b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml +@@ -20786,7 +20786,7 @@ include "/etc/crypto-policies/back-ends/bind.config"; @@ -25978,16 +25133,16 @@ index c14013393..fe7d48d2c 100644 -@@ -29178,7 +29178,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 +@@ -28886,7 +28886,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 -- -+ +- ++ - -@@ -33049,7 +33049,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 + +@@ -32714,7 +32714,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190 1 @@ -25997,22 +25152,22 @@ index c14013393..fe7d48d2c 100644 /etc/grub2-efi.cfg diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template -index 5a686b0b2..74a7d8c30 100644 +index 503895c33..33e242420 100644 --- a/shared/templates/audit_rules_dac_modification/ansible.template +++ b/shared/templates/audit_rules_dac_modification/ansible.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template -index daee70210..ae6608360 100644 +index 5d782e0bd..11bd40b58 100644 --- a/shared/templates/audit_rules_dac_modification/bash.template +++ b/shared/templates/audit_rules_dac_modification/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system 
@@ -26037,22 +25192,22 @@ index b3eab4edb..da237aa3d 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template -index e62981561..4f8c1b6e5 100644 +index 52d93ba02..18a26fc62 100644 --- a/shared/templates/audit_rules_login_events/ansible.template +++ b/shared/templates/audit_rules_login_events/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template -index e3c55b43a..0a13eabe8 100644 +index f0b83b1bf..72506c7ee 100644 --- a/shared/templates/audit_rules_login_events/bash.template +++ b/shared/templates/audit_rules_login_events/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' @@ -26090,7 +25245,7 @@ index 0e2a29c80..a78d71da2 100644 # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh -index 316171011..aba627753 100644 +index 181597906..f886020ab 100644 --- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh +++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh @@ -1,5 +1,5 @@ @@ -26101,7 +25256,7 @@ index 316171011..aba627753 100644 source common.sh diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh -index 1cad34338..55c65dbe2 100644 +index fd902a020..010590172 100644 --- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh +++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh @@ -1,5 +1,5 @@ 
@@ -26132,22 +25287,22 @@ index bd5bb94cb..d1f68626a 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template -index 9beb65537..e6da688f0 100644 +index 40c2e96a1..87cd84907 100644 --- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template +++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # reboot = true # strategy = restrict # complexity = low diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template -index b18223c98..e82de6427 100644 +index f41ed4106..7ba2388b6 100644 --- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template +++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -26201,22 +25356,34 @@ index c5051bcf7..846c0e661 100644 # reboot = true # strategy = restrict # complexity = medium -diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh -index b594abe6d..bac3e9fc6 100644 ---- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh -+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh +index 4c25b2d95..26100fc4e 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu - {{%- if 'ubuntu' in product %}} - # packages = grub2 - {{%- else %}} -diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh -index e52ae2417..5f5306e14 100644 ---- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh -+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_grubenv.fail.sh +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # packages = grub2,grubby + + source common.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh +index 59d4ddd5d..0eb224b52 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_and_not_referenced.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = grub2,grubby + + {{%- if ARG_VARIABLE %}} +diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh +index 98da43833..7bf517de2 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_grubenv_but_referenced.fail.sh 
@@ -1,6 +1,6 @@ #!/bin/bash 
@@ -26225,10 +25392,46 @@ index e52ae2417..5f5306e14 100644 # packages = grub2,grubby source common.sh -diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh -index 0c97377f2..2aef2ae6d 100644 ---- a/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh -+++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value.fail.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh +index 1a955c392..4944278bc 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_grubenv_only.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = grub2,grubby + + source common.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh +index 888445d23..18efb9fb5 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/correct_value_mix_entries_and_grubenv.pass.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8 ++# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,AlmaLinux 8 + # packages = grub2,grubby + + source common.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh +index 0ee7a41ca..a31c37bc4 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh ++++ 
b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh +@@ -1,6 +1,6 @@ + #!/bin/bash + +-# platform = multi_platform_fedora,multi_platform_rhel ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux + # packages = grub2,grubby + + source common.sh +diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh +index 75c487299..411b739e3 100644 +--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh ++++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_grubenv.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash @@ -26294,22 +25497,22 @@ index e51f669fd..00a74f76f 100644 # Adds argument with a value from kernel command line in /etc/default/grub diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template -index 88e846697..a329cbe76 100644 +index b3f7c4121..457c70957 100644 --- a/shared/templates/kernel_module_disabled/ansible.template +++ b/shared/templates/kernel_module_disabled/ansible.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro # reboot = true # strategy = disable # complexity = low 
diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template -index df7229bc4..d6dc65bff 100644 +index 5bf2bffce..683f24818 100644 --- a/shared/templates/kernel_module_disabled/bash.template +++ b/shared/templates/kernel_module_disabled/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro # reboot = true # strategy = disable # complexity = low @@ -26395,12 +25598,22 @@ index 0ac55f51f..dd0bcddea 100644 # strategy = enable # complexity = low diff --git a/shared/templates/package_installed/bash.template b/shared/templates/package_installed/bash.template -index 65c48d381..ee1e6386d 100644 +index d19004461..e0d4b55f3 100644 --- a/shared/templates/package_installed/bash.template +++ b/shared/templates/package_installed/bash.template 
@@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian + # reboot = false + # strategy = enable + # complexity = low +diff --git a/shared/templates/package_installed/bootc.template b/shared/templates/package_installed/bootc.template +index ddac8ef40..86cb91791 100644 +--- a/shared/templates/package_installed/bootc.template ++++ b/shared/templates/package_installed/bootc.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora # reboot = false # strategy = enable # complexity = low @@ -26424,6 +25637,16 @@ index 489f9bb0f..0120d927c 100644 # reboot = false # strategy = disable # complexity = low +diff --git a/shared/templates/package_removed/bootc.template b/shared/templates/package_removed/bootc.template +index 9e3535578..f0a418432 100644 +--- a/shared/templates/package_removed/bootc.template ++++ b/shared/templates/package_removed/bootc.template +@@ -1,4 +1,4 @@ +-# platform = multi_platform_rhel,multi_platform_fedora ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora + # reboot = false + # strategy = disable + # complexity = low 
diff --git a/shared/templates/package_removed/kickstart.template b/shared/templates/package_removed/kickstart.template index 486ebbbdc..963412bac 100644 --- a/shared/templates/package_removed/kickstart.template @@ -26781,7 +26004,7 @@ index a17337508..1e9769b17 100644 # strategy = enable # complexity = low diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template -index 7bc1bd15d..b5534afd7 100644 +index ecfd73fa8..6c515ced4 100644 --- a/shared/templates/sebool/bash.template +++ b/shared/templates/sebool/bash.template @@ -1,4 +1,4 @@ @@ -26821,12 +26044,12 @@ index 1ab456524..724e7b779 100644 # strategy = disable # complexity = low diff --git a/shared/templates/service_enabled/bash.template b/shared/templates/service_enabled/bash.template -index 00fd1ee2f..2d99ec854 100644 +index d290a399a..2dc4121f9 100644 --- a/shared/templates/service_enabled/bash.template +++ b/shared/templates/service_enabled/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = false # strategy = enable # complexity = low @@ -26841,12 +26064,12 @@ index 451af774a..27ac615a2 100644 # strategy = disable # complexity = low diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template -index 887adae43..b4395c5a7 100644 +index b3aafbc27..f2755cdc1 100644 --- a/shared/templates/sysctl/bash.template 
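Review bot: `multi_platform_almalinux` is inserted directly after `multi_platform_rhel` in the `# platform` header of `service_enabled/bash.template`, although the new upstream line it is applied to is alphabetically sorted; the `sysctl/bash.template` hunk that follows does the same. Putting the entry in sorted position, `# platform = multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu`, keeps the header consistent with upstream's ordering. Order is presumably not significant to the build, so this is a readability point only.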
+++ b/shared/templates/sysctl/bash.template @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu ++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu # reboot = true # strategy = disable # complexity = low @@ -26861,27 +26084,27 @@ index 42ec0778d..475010b6a 100644 # strategy = enable # complexity = low diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template -index 336775e4f..6411d1b9b 100644 +index 73810f216..54434bb42 100644 --- a/shared/templates/zipl_bls_entries_option/ansible.template +++ b/shared/templates/zipl_bls_entries_option/ansible.template @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # reboot = true # strategy = configure # complexity = medium diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template -index 25cd7432c..a415f2a38 100644 +index e14d59dfc..1b236a130 100644 --- a/shared/templates/zipl_bls_entries_option/bash.template +++ b/shared/templates/zipl_bls_entries_option/bash.template 
@@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # Correct BLS option using grubby, which is a thin wrapper around BLS operations grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}" diff --git a/ssg/constants.py b/ssg/constants.py -index 7f8910743..bc15f1ac2 100644 +index 6fefa4ed1..286465e77 100644 --- a/ssg/constants.py +++ b/ssg/constants.py @@ -40,6 +40,7 @@ SSG_REF_URIS = { @@ -26892,7 +26115,7 @@ index 7f8910743..bc15f1ac2 100644 'anolis8', 'anolis23', 'al2023', -@@ -201,6 +202,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { +@@ -203,6 +204,7 @@ PKG_MANAGER_TO_CONFIG_FILE = { FULL_NAME_TO_PRODUCT_MAPPING = { "Alibaba Cloud Linux 2": "alinux2", "Alibaba Cloud Linux 3": "alinux3", @@ -26900,16 +26123,16 @@ index 7f8910743..bc15f1ac2 100644 "Anolis OS 8": "anolis8", "Anolis OS 23": "anolis23", "Amazon Linux 2023": "al2023", -@@ -281,7 +283,7 @@ REFERENCES = dict( +@@ -284,7 +286,7 @@ REFERENCES = dict( ) -MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", +MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhv", "debian", "ubuntu", - "openeuler", + "openeuler", "kylinserver", "opensuse", "sle", "ol", "ocp", "rhcos", - "example", "eks", "alinux", "uos", "anolis", "openembedded", "al", -@@ -289,6 +291,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", + "example", "eks", "alinux", "anolis", "openembedded", "al", +@@ -292,6 +294,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu", MULTI_PLATFORM_MAPPING = { "multi_platform_alinux": ["alinux2", "alinux3"], 
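Review bot: The `# platform` header of both `zipl_bls_entries_option` templates no longer names `AlmaLinux 8` explicitly. It now says `multi_platform_almalinux`, so the AlmaLinux products that receive this `reboot = true` kernel-argument remediation are whatever the `multi_platform_almalinux` entry of `MULTI_PLATFORM_MAPPING` in `ssg/constants.py` lists. That entry is not among the changed lines shown here, so confirm it contains only the products this patch ships content for (the patch file is named for AlmaLinux 8). If only version 8 is intended, `# platform = multi_platform_rhel,AlmaLinux 8` would presumably keep the scope explicit in the template itself.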
@@ -26917,7 +26140,7 @@ index 7f8910743..bc15f1ac2 100644 "multi_platform_anolis": ["anolis8", "anolis23"], "multi_platform_debian": ["debian11", "debian12"], "multi_platform_example": ["example"], -@@ -436,6 +439,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { +@@ -439,6 +442,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { 'eks': 'Amazon Elastic Kubernetes Service', 'al': 'Amazon Linux', 'openembedded': 'OpenEmbedded',