diff --git a/SOURCES/0001-Add-AlmaLinux-8-support.patch b/SOURCES/0001-Add-AlmaLinux-8-support.patch index 8ba27a1..c125375 100644 --- a/SOURCES/0001-Add-AlmaLinux-8-support.patch +++ b/SOURCES/0001-Add-AlmaLinux-8-support.patch @@ -1,26 +1,26 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 59e3de4d5..d7b8c0c58 100644 +index 699194b97..be6d8a9cd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -87,6 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui - # project. Note that the example product is always disabled unless explicitly asked for. +@@ -88,6 +88,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -+option(SSG_PRODUCT_ALMALINUX8 "If enabled, the AlmaLinux 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) + option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux OS 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) ++option(SSG_PRODUCT_ALMALINUX8 "If enabled, the AlmaLinux OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) -@@ -317,6 +318,7 @@ message(STATUS " ") - message(STATUS "Products:") +@@ -320,6 +321,7 @@ message(STATUS "Products:") message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}") message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}") -+message(STATUS "AlmaLinux 8: ${SSG_PRODUCT_ALMALINUX8}") + message(STATUS "AlmaLinux OS 9: ${SSG_PRODUCT_ALMALINUX9}") ++message(STATUS "AlmaLinux OS 8: ${SSG_PRODUCT_ALMALINUX8}") message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}") message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}") message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}") -@@ -382,6 +384,9 @@ endif() - if(SSG_PRODUCT_ALINUX3) - add_subdirectory("products/alinux3" "alinux3") +@@ -389,6 +391,9 @@ endif() + if(SSG_PRODUCT_ALMALINUX9) + add_subdirectory("products/almalinux9" "almalinux9") endif() +if(SSG_PRODUCT_ALMALINUX8) + add_subdirectory("products/almalinux8" "almalinux8") @@ -29,44 +29,44 @@ index 59e3de4d5..d7b8c0c58 100644 add_subdirectory("products/anolis8" "anolis8") endif() diff --git a/build_product b/build_product -index 8685fffc6..6677ccd71 100755 +index 89d967124..2278e1786 100755 --- a/build_product +++ b/build_product -@@ -359,6 +359,7 @@ all_cmake_products=( - AL2023 +@@ -360,6 +360,7 @@ all_cmake_products=( ALINUX2 ALINUX3 + ALMALINUX9 + ALMALINUX8 ANOLIS8 ANOLIS23 CHROMIUM diff --git a/cmake/SSGCommon.cmake b/cmake/SSGCommon.cmake -index 65c96459a..d51b8ce22 100644 +index 170ae3d39..7792051d3 100644 --- a/cmake/SSGCommon.cmake +++ b/cmake/SSGCommon.cmake -@@ -777,7 +777,7 @@ macro(ssg_build_product PRODUCT) +@@ -795,7 +795,7 @@ macro(ssg_build_product PRODUCT) ssg_render_policies_for_product(${PRODUCT}) add_dependencies(render-policies ${PRODUCT}-render-policies) -- if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(7|8)") -+ if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "almalinux8") +- if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8") ++ if(SSG_BUILD_DISA_DELTA_FILES AND "${PRODUCT}" MATCHES "rhel(8|9)|ol8|almalinux8") ssg_build_disa_delta(${PRODUCT} "stig") add_dependencies(${PRODUCT} generate-ssg-delta-${PRODUCT}-stig) endif() diff --git a/components/rpm.yml b/components/rpm.yml -index f32f248ad..8a05dca3f 100644 +index 1523ae90b..bc01f424f 100644 --- a/components/rpm.yml +++ b/components/rpm.yml -@@ -9,6 +9,7 @@ rules: - - dnf-automatic_apply_updates - - dnf-automatic_security_updates_only - - ensure_GPG_keys_are_configured +@@ -16,6 +16,7 @@ rules: + - ensure_gpgcheck_repo_metadata + - ensure_oracle_gpgkey_installed + - ensure_package_repositories_are_configured +- ensure_almalinux_gpgkey_installed - - ensure_fedora_gpgkey_installed - - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_local_packages + - ensure_redhat_gpgkey_installed + - ensure_amazon_gpgkey_installed + - ensure_suse_gpgkey_installed diff --git a/controls/anssi.yml b/controls/anssi.yml -index a03a06d56..0ef44c461 100644 +index cdcec6573..b59591b2e 100644 --- a/controls/anssi.yml +++ b/controls/anssi.yml @@ -1244,7 +1244,7 @@ controls: @@ -76,15 +76,9 @@ index a03a06d56..0ef44c461 100644 - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_oracle_gpgkey_installed + - ensure_almalinux_gpgkey_installed - - id: R60 -@@ -1363,16 +1363,13 @@ controls: - When authentication takes place through a remote application (network), - the authentication protocol used by PAM must be secure (flow encryption, - remote server authentication, anti-replay mechanisms, ...). -- {{% if "rhel" in product or "ol" in families %}} - notes: |- - In {{{ full_name }}} systems, remote authentication is handled through sssd service. +@@ -1370,10 +1370,8 @@ controls: PAM delegates requests for remote authentication to this service through a local Unix socket. The sssd service can use IPA, AD or LDAP as a remote database containing information required for authentication. In case IPA or AD is configured through a documented way, the connection is secured by default. In case LDAP is configured manually, there are several configuration options which should be chedked. @@ -95,7 +89,7 @@ index a03a06d56..0ef44c461 100644 status: automated rules: - package_sssd_installed -@@ -1380,16 +1377,10 @@ controls: +@@ -1381,16 +1379,10 @@ controls: - sssd_enable_pam_services - sssd_ldap_configure_tls_reqcert - sssd_ldap_start_tls @@ -112,14 +106,7 @@ index a03a06d56..0ef44c461 100644 - id: R68 title: Protecting stored passwords -@@ -1419,20 +1410,14 @@ controls: - When the user databases are stored on a remote network service, NSS must - be configured to establish a secure link that allows, at minimum, to - authenticate the server and protect the communication channel. -- {{% if "rhel" in product or "ol" in families %}} - notes: |- - A nsswitch service connecting to remote database is provided by sssd. This is checked in requirement R67. - Another such service is winbind which is by default configured to connect +@@ -1427,13 +1419,8 @@ controls: securely to Samba domains. Other relevant services are NIS and Hesiod. These should not be used. status: automated @@ -133,11 +120,24 @@ index a03a06d56..0ef44c461 100644 - id: R70 +diff --git a/controls/cis_almalinux9.yml b/controls/cis_almalinux9.yml +index 4591f52c6..670d0b14f 100644 +--- a/controls/cis_almalinux9.yml ++++ b/controls/cis_almalinux9.yml +@@ -360,7 +360,7 @@ controls: + - l1_workstation + status: manual + related_rules: +- - ensure_redhat_gpgkey_installed ++ - ensure_almalinux_gpgkey_installed + + - id: 1.2.1.2 + title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml -index 825328bc2..f8f2e295a 100644 +index e35482b2d..029f55f58 100644 --- a/controls/cis_rhel10.yml +++ b/controls/cis_rhel10.yml -@@ -365,7 +365,7 @@ controls: +@@ -315,7 +315,7 @@ controls: - l1_workstation status: manual related_rules: @@ -147,7 +147,7 @@ index 825328bc2..f8f2e295a 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml -index 95b94d22f..1840be10e 100644 +index f2a1e6d3a..2657914ff 100644 --- a/controls/cis_rhel8.yml +++ b/controls/cis_rhel8.yml @@ -353,7 +353,7 @@ controls: @@ -160,7 +160,7 @@ index 95b94d22f..1840be10e 100644 - id: 1.2.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml -index 9004c8426..916505823 100644 +index 05a3e4ac3..98cb1a49b 100644 --- a/controls/cis_rhel9.yml +++ b/controls/cis_rhel9.yml @@ -360,7 +360,7 @@ controls: @@ -173,10 +173,10 @@ index 9004c8426..916505823 100644 - id: 1.2.1.2 title: Ensure gpgcheck is globally activated (Automated) diff --git a/controls/e8.yml b/controls/e8.yml -index 49a58ef29..ebbffc918 100644 +index c3dc27737..3d81cacef 100644 --- a/controls/e8.yml +++ b/controls/e8.yml -@@ -23,7 +23,7 @@ controls: +@@ -22,7 +22,7 @@ controls: - service_avahi-daemon_disabled - package_squid_removed - service_squid_disabled @@ -186,59 +186,59 @@ index 49a58ef29..ebbffc918 100644 - ensure_gpgcheck_local_packages - ensure_gpgcheck_globally_activated diff --git a/controls/hipaa.yml b/controls/hipaa.yml -index 3de4d53c2..8e5d4f27d 100644 +index fdd9e8c65..df7a5b272 100644 --- a/controls/hipaa.yml +++ b/controls/hipaa.yml -@@ -163,7 +163,7 @@ controls: +@@ -167,7 +167,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - -@@ -1377,7 +1377,7 @@ controls: +@@ -1393,7 +1393,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - -@@ -1407,7 +1407,7 @@ controls: +@@ -1424,7 +1424,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - -@@ -1426,7 +1426,7 @@ controls: +@@ -1444,7 +1444,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - -@@ -1699,7 +1699,7 @@ controls: +@@ -1725,7 +1725,7 @@ controls: - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled - ensure_gpgcheck_repo_metadata - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed status: automated - diff --git a/controls/ospp.yml b/controls/ospp.yml -index 8e3f400ed..4d724aa2b 100644 +index 20ae9fa45..88a5dff83 100644 --- a/controls/ospp.yml +++ b/controls/ospp.yml -@@ -448,7 +448,7 @@ controls: +@@ -447,7 +447,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled @@ -247,7 +247,7 @@ index 8e3f400ed..4d724aa2b 100644 status: automated - id: FPT_TUD_EXT.2 -@@ -462,7 +462,7 @@ controls: +@@ -461,7 +461,7 @@ controls: - ensure_gpgcheck_globally_activated - ensure_gpgcheck_local_packages - ensure_gpgcheck_never_disabled @@ -257,36 +257,37 @@ index 8e3f400ed..4d724aa2b 100644 - id: FPT_TST_EXT.1 diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml -index 17b688dfa..23bbc421c 100644 +index 39f47c3c3..883f23458 100644 --- a/controls/pcidss_4.yml +++ b/controls/pcidss_4.yml -@@ -1554,7 +1554,7 @@ controls: +@@ -1555,7 +1555,7 @@ controls: - base status: automated rules: - - ensure_redhat_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_suse_gpgkey_installed + - ensure_almalinux_gpgkey_installed - ensure_gpgcheck_globally_activated - - ensure_gpgcheck_never_disabled diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -index dbec9fe45..c237f1be4 100644 +index dbec9fe45..ed6e4faae 100644 --- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml +++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml -@@ -21,5 +21,8 @@ controls: - {{% if 'ol' in product %}} - - ensure_oracle_gpgkey_installed - {{% endif %}} +@@ -12,6 +12,9 @@ controls: + - ensure_gpgcheck_globally_activated + - ensure_gpgcheck_local_packages + - ensure_gpgcheck_never_disabled + {{% if 'almalinux' in product %}} + - ensure_almalinux_gpgkey_installed + {{% endif %}} - - status: automated + {{% if 'ubuntu' in product %}} + - apt_conf_disallow_unauthenticated + {{% endif %}} diff --git a/controls/stig_rhel9.yml b/controls/stig_rhel9.yml -index b7197b06a..aa351548c 100644 +index 32b70f006..37219d207 100644 --- a/controls/stig_rhel9.yml +++ b/controls/stig_rhel9.yml -@@ -377,7 +377,7 @@ controls: +@@ -382,7 +382,7 @@ controls: - medium title: RHEL 9 must ensure cryptographic verification of vendor software packages. rules: @@ -296,10 +297,10 @@ index b7197b06a..aa351548c 100644 - id: RHEL-09-214015 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -index e6bebd450..f7e5aafe7 100644 +index 21a6d25d6..9e6b00836 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -309,10 +310,10 @@ index e6bebd450..f7e5aafe7 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -index cf3b21bf6..206da499d 100644 +index c305be5d4..9e8cb614c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -322,10 +323,10 @@ index cf3b21bf6..206da499d 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -index a7f46731e..5fc3d44ca 100644 +index ba44cd4ce..c978b9f81 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -335,10 +336,10 @@ index a7f46731e..5fc3d44ca 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -index b3364fc80..1b969719b 100644 +index c89f9952e..16f942838 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030410 stigid@ol8: OL08-00-030490 @@ -348,10 +349,10 @@ index b3364fc80..1b969719b 100644 stigid@sle15: SLES-15-030290 stigid@ubuntu2004: UBTU-20-010152 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -index 7c5693c16..4f573385c 100644 +index 56ec0034d..26c965977 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -361,10 +362,10 @@ index 7c5693c16..4f573385c 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -index 737e93b2c..55c76bd4b 100644 +index 4da5306eb..96780da76 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -374,10 +375,10 @@ index 737e93b2c..55c76bd4b 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -index 2f100463b..798dcb4e1 100644 +index 01ddcaa79..dc65bd448 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml -@@ -73,7 +73,7 @@ references: +@@ -74,7 +74,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -387,10 +388,10 @@ index 2f100463b..798dcb4e1 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010147 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -index d61618227..57509f135 100644 +index 77ede090f..84af9eb21 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml -@@ -67,7 +67,7 @@ references: +@@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -400,10 +401,10 @@ index d61618227..57509f135 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010144 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -index 9ea9c6dae..ea9541036 100644 +index 9b93a4f4a..6db791741 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml -@@ -59,7 +59,7 @@ references: +@@ -60,7 +60,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000466-GPOS-00210,SRG-OS-000458-GPOS-00203,SRG-OS-000474-GPOS-00219,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255 stigid@ol7: OL07-00-030370 stigid@ol8: OL08-00-030480 @@ -413,10 +414,10 @@ index 9ea9c6dae..ea9541036 100644 stigid@sle15: SLES-15-030250 stigid@ubuntu2004: UBTU-20-010148 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -index 680e67380..9467cfde6 100644 +index eccf126f2..e301893b2 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml -@@ -72,7 +72,7 @@ references: +@@ -74,7 +74,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -426,10 +427,10 @@ index 680e67380..9467cfde6 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010146 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -index ec9986acf..c070d926b 100644 +index 55afc87c7..61a43002c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml -@@ -67,7 +67,7 @@ references: +@@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000466-GPOS-00210,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -439,10 +440,10 @@ index ec9986acf..c070d926b 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010143 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -index c9f5d6167..cb0fcc0d4 100644 +index d800a14e3..f586a1eda 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml -@@ -71,7 +71,7 @@ references: +@@ -73,7 +73,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000458-GPOS-00203,SRG-OS-000462-GPOS-00206,SRG-OS-000463-GPOS-00207,SRG-OS-000468-GPOS-00212,SRG-OS-000471-GPOS-00215,SRG-OS-000474-GPOS-00219,SRG-OS-000466-GPOS-00210,SRG-OS-000064-GPOS-00033,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -452,10 +453,10 @@ index c9f5d6167..cb0fcc0d4 100644 stigid@sle15: SLES-15-030190 stigid@ubuntu2004: UBTU-20-010145 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -index 23641d310..74e0f6661 100644 +index 4f709ced1..6cf0fce0e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml -@@ -67,7 +67,7 @@ references: +@@ -69,7 +69,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000466-GPOS-00210,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-APP-000091-CTR-000160,SRG-APP-000492-CTR-001220,SRG-APP-000493-CTR-001225,SRG-APP-000494-CTR-001230,SRG-APP-000500-CTR-001260,SRG-APP-000507-CTR-001295,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030440 stigid@ol8: OL08-00-030200 @@ -491,7 +492,7 @@ index 2709c0194..34972cd3a 100644 stigid@sle15: SLES-15-030430 stigid@ubuntu2004: UBTU-20-010167 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml -index cf9c4a921..b5e598077 100644 +index ba939bd99..f40dfe642 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml @@ -59,7 +59,7 @@ references: @@ -504,7 +505,7 @@ index cf9c4a921..b5e598077 100644 stigid@sle15: SLES-15-030450 stigid@ubuntu2004: UBTU-20-010165 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml -index 4f82ad52f..286057025 100644 +index 7710a16da..b344a039e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml @@ -56,7 +56,7 @@ references: @@ -517,7 +518,7 @@ index 4f82ad52f..286057025 100644 {{{ ocil_fix_srg_privileged_command("semanage", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml -index 0a50c48a2..0afecada6 100644 +index 5af56b1d2..a5074c050 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml @@ -46,7 +46,7 @@ references: @@ -530,7 +531,7 @@ index 0a50c48a2..0afecada6 100644 {{{ ocil_fix_srg_privileged_command("setfiles", "/usr/sbin/", "privileged-unix-update") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml -index c518e6d67..b9cd3277f 100644 +index 5dafeb060..db55c65eb 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml @@ -55,7 +55,7 @@ references: @@ -543,20 +544,20 @@ index c518e6d67..b9cd3277f 100644 {{{ ocil_fix_srg_privileged_command("setsebool", "/usr/sbin/", "privileged") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh -index 53e61fb25..e9a0edcde 100644 +index 5f5300c76..f2d3ee074 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # Perform the remediation for the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -index 34a2c9e89..fa6cf8dbb 100644 +index 3b9508a74..7c11ab9f7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -566,10 +567,10 @@ index 34a2c9e89..fa6cf8dbb 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -index effea5c05..4e2e5346e 100644 +index 1de048100..766168996 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -592,10 +593,10 @@ index ab5a8cff6..8b6d610da 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -index dd8371ba2..adb014c81 100644 +index 5ace03a60..d3eacf1a3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -605,10 +606,10 @@ index dd8371ba2..adb014c81 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -index f871dd645..21236561c 100644 +index 6d609b2eb..1fe02f0d5 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml -@@ -50,7 +50,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000466-GPOS-00210,SRG-OS-000467-GPOS-00211,SRG-OS-000468-GPOS-00212,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000501-CTR-001265,SRG-APP-000502-CTR-001270 stigid@ol7: OL07-00-030910 stigid@ol8: OL08-00-030361 @@ -618,20 +619,20 @@ index f871dd645..21236561c 100644 stigid@ubuntu2204: UBTU-22-654185 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh -index 8a48783f6..b846f8113 100644 +index 15b976a11..563acb956 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # Perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index 1146fe8fd..f3d479376 100644 +index 54002d249..eab8ab594 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -641,10 +642,10 @@ index 1146fe8fd..f3d479376 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index 401a76aa7..105d9a69a 100644 +index 34bc88541..dfe128709 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -680,64 +681,64 @@ index 86297fe41..3d17494ac 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 +index 65ca8f6d7..4cc463abf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 +index 65ca8f6d7..4cc463abf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index 5f27a832e..d04e00dac 100644 +index 6bf71d78a..cdd5e064e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -@@ -62,7 +62,7 @@ references: +@@ -64,7 +64,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -747,37 +748,37 @@ index 5f27a832e..d04e00dac 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh -index c1352ae38..31de43746 100644 +index 31de43746..157ec2972 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh -index c944fb9e6..b506644af 100644 +index 65ca8f6d7..4cc463abf 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux {{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index 5671f0af5..5570dc4c6 100644 +index 1cc55c41c..a6c46912e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -@@ -61,7 +61,7 @@ references: +@@ -63,7 +63,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000064-GPOS-00033,SRG-OS-000458-GPOS-00203,SRG-OS-000461-GPOS-00205,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030510 stigid@ol8: OL08-00-030420 @@ -787,12 +788,12 @@ index 5671f0af5..5570dc4c6 100644 stigid@sle15: SLES-15-030150 stigid@ubuntu2004: UBTU-20-010155 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml -index 590a5ff6b..5ceb15d9b 100644 +index 7469657e1..88fadcfe8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low @@ -808,12 +809,12 @@ index bdf3015c4..658327033 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml -index 1ee266d25..a32ed4e88 100644 +index e1c556bc5..cb6e72f35 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # reboot = false # complexity = low # disruption = low @@ -829,10 +830,10 @@ index 7c8e520c1..e5c1d9d93 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index 1fc076fe8..8513b30b5 100644 +index 112f91278..14f745cad 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030830 stigid@ol8: OL08-00-030390 @@ -853,12 +854,12 @@ index 1bf2449b4..ddf95ef93 100644 rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml -index 6d545f87c..613960cbc 100644 +index d9817b8ed..2600c8d08 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # reboot = false # complexity = low # disruption = low @@ -898,12 +899,12 @@ index 548015d2a..f785aab0c 100644 rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml -index 73a9f1dff..6daf2c30b 100644 +index f3b2b0960..6c8b793ef 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # reboot = false # complexity = low # disruption = low @@ -919,10 +920,10 @@ index 083a612a0..3228b89b7 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index aa51a41ce..2e6874034 100644 +index 58cd30b2f..da5669b69 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -@@ -54,7 +54,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222,SRG-APP-000495-CTR-001235,SRG-APP-000504-CTR-001280 stigid@ol7: OL07-00-030820 stigid@ol8: OL08-00-030360 @@ -954,12 +955,12 @@ index 009564309..0f9a7f6e6 100644 rm -f /etc/audit/rules.d/* diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh -index 1ea2bcfa9..06d0f131a 100644 +index 06d0f131a..8327fc7b9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' @@ -977,154 +978,154 @@ index 3d2a43291..a91e740bc 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh -index e8b40c40b..c003a3101 100644 +index aa5933406..9d159f0e4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh -index b1e45d310..5eff48e99 100644 +index 742a8dc93..ebf3e4241 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh -index c602f8e49..2e041b718 100644 +index 1b52b43c4..959b8c363 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh -index 00e9c031c..d29dcd262 100644 +index 6e725d924..003cbad34 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh -index 8c380177f..5e0608d35 100644 +index be053a0e4..9ae68c06d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh -index a321ab78b..fa8cd80bb 100644 +index 32a315ee3..ceaa81c5d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh -index e2750dbee..6a2992c9d 100644 +index 900ec1c42..66a26d349 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh -index d8379bfe5..3c16dd148 100644 +index 6211dfd8a..0cc9223e1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh -index cbbcb5f67..76ebb0844 100644 +index 1d00bfac9..41961fe47 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh -index 22b979187..e90519a30 100644 +index a68b4e87a..33230eff8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh -index afdeb73d1..95b55eef4 100644 +index 97d8f88da..d35376777 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh -index b14bc1951..81934f021 100644 +index 43168b5cc..d87e6b3e3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9 -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8, Red Hat Enterprise Linux 9 +-# platform = multi_platform_rhel ++# platform = multi_platform_rhel,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_cis path="/var/run/faillock" diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index 740f309db..69b434b79 100644 +index ee68421a4..c2eb04164 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -52,7 +52,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000470-GPOS-00214,SRG-APP-000495-CTR-001235,SRG-APP-000503-CTR-001275,SRG-APP-000506-CTR-001290 stigid@ol7: OL07-00-030620 stigid@ol8: OL08-00-030600 @@ -1134,153 +1135,153 @@ index 740f309db..69b434b79 100644 stigid@sle15: SLES-15-030480 stigid@ubuntu2004: UBTU-20-010171 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml -index b3f4eb102..e6bb717eb 100644 +index c971daf1a..c52cf9253 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh -index 3526d3fea..046a977ca 100644 +index 48bf48bd2..0c9d7c81e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh -index 1fbd8ba8a..65ac95bb2 100644 +index 5d91bba64..5d53ea73c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh -index 20fee9f76..71dfe4b3c 100644 +index 92186611b..ee66ac9dc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh -index 5cc15361e..2e18c47f0 100644 +index 7e041ef90..1d5b3127b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh -index dc7ae3bdf..ff7f21c64 100644 +index a6592b8e1..9962409ea 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu {{{ setup_auditctl_environment() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh -index ee36da807..bd848737d 100644 +index d5c338857..af5946007 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu # augenrules is default for rhel7 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh -index b6aabf247..8405f0ba1 100644 +index 0a16a0c50..8a4e1608a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh @@ -1,7 +1,7 @@ #!/bin/bash # packages = audit # remediation = none --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh -index 12f1b429a..8dea24479 100644 +index adbf71ccf..cac9509dd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh -index 711bae803..617ff1b33 100644 +index 2f01315e0..0fcf5d593 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh -index d272fd1d5..f7c0fec7d 100644 +index 2c3c6124c..0e5ad3011 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh -index ecda20ef9..115487067 100644 +index ee2c9ce79..cabf11a5b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh -index 51482922f..4ac366ec9 100644 +index b6fd7bf89..ee7c90bfd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules # change key of rules for binaries in /usr/sbin @@ -1297,66 +1298,66 @@ index 6ef31d987..2da0682e0 100644 ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh -index 45acc82b6..2505b138b 100644 +index a45b84843..f4e964bc1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu . $SHARED/partition.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh -index 79c0bb972..2968492ac 100644 +index 1f42f8652..e2dbd9bd9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh -index a8667bbfb..471d2aff2 100644 +index e58060ff7..556cd112a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules echo "-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh -index b2e18d1cd..5c56cdb6d 100644 +index 8f3c02693..0d251f46b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh -index 81fc6dd16..9c3f84ef8 100644 +index 2dba37605..c9684121a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8 -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8 +-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml -index dbf4f7d14..e3b55cf54 100644 +index ebb130081..5d0f04372 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml @@ -59,7 +59,7 @@ references: @@ -1369,7 +1370,7 @@ index dbf4f7d14..e3b55cf54 100644 stigid@sle15: SLES-15-030120 stigid@ubuntu2004: UBTU-20-010175 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml -index b97f30b63..208474d14 100644 +index bf9ce6ce9..addc7d1c7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml @@ -59,7 +59,7 @@ references: @@ -1382,7 +1383,7 @@ index b97f30b63..208474d14 100644 stigid@sle15: SLES-15-030100 stigid@ubuntu2004: UBTU-20-010163 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml -index 349d0223f..593b9c899 100644 +index 99a41a0bd..a9aee449a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml @@ -58,7 +58,7 @@ references: @@ -1395,7 +1396,7 @@ index 349d0223f..593b9c899 100644 stigid@sle15: SLES-15-030130 stigid@ubuntu2004: UBTU-20-010177 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml -index ce3300918..d7199bdb3 100644 +index d86dc06b6..1fcbaded1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml @@ -59,7 +59,7 @@ references: @@ -1441,27 +1442,27 @@ index 6b0577551..417636fce 100644 stigid@sle15: SLES-15-030410 stigid@ubuntu2004: UBTU-20-010297 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml -index 44feb6dc4..7a5b0fa5e 100644 +index c42b34c3e..928e8140a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh -index c4c78f756..c9c2d7239 100644 +index 741918c7d..3b6dbc3af 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_debian,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_debian,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml -index bc987e798..4832377c3 100644 +index 8c9cda6bc..064be2883 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml @@ -48,7 +48,7 @@ references: @@ -1474,7 +1475,7 @@ index bc987e798..4832377c3 100644 stigid@ubuntu2004: UBTU-20-010138 stigid@ubuntu2204: UBTU-22-654065 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml -index 8ff611ce5..7047c1cd6 100644 +index d418cb87e..9367434f4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml @@ -59,7 +59,7 @@ references: @@ -1487,7 +1488,7 @@ index 8ff611ce5..7047c1cd6 100644 stigid@sle15: SLES-15-030090 stigid@ubuntu2004: UBTU-20-010164 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml -index f749a53f8..b59bca4d1 100644 +index 39a88c457..46e4b7d77 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml @@ -63,7 +63,7 @@ references: @@ -1500,7 +1501,7 @@ index f749a53f8..b59bca4d1 100644 stigid@sle15: SLES-15-030510 stigid@ubuntu2004: UBTU-20-010178 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml -index fa96437c0..ca4f97962 100644 +index 51384e3ea..bca6c4a7e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml @@ -56,7 +56,7 @@ references: @@ -1513,7 +1514,7 @@ index fa96437c0..ca4f97962 100644 stigid@sle15: SLES-15-030070 stigid@ubuntu2004: UBTU-20-010172 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml -index 4625b87e0..981a4717a 100644 +index 689846be0..170998446 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml @@ -56,7 +56,7 @@ references: @@ -1526,7 +1527,7 @@ index 4625b87e0..981a4717a 100644 {{{ ocil_fix_srg_privileged_command("postdrop") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml -index fe137e041..cb46d5141 100644 +index 081af9c93..d91bd904d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml @@ -56,7 +56,7 @@ references: @@ -1539,22 +1540,22 @@ index fe137e041..cb46d5141 100644 {{{ ocil_fix_srg_privileged_command("postqueue") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml -index 7e18fe435..a27adad2d 100644 +index b99725f49..09c3577f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh -index 102d4b40b..f9a428790 100644 +index a3a7ede6a..bf760351a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_debian,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_debian,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_debian,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}} @@ -1572,7 +1573,7 @@ index 670dc8ffc..4a3f802f0 100644 stigid@sle15: SLES-15-030370 stigid@ubuntu2004: UBTU-20-010140 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml -index 3b28014d9..41c6e45a1 100644 +index 595e7b6cf..bbb05489f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml @@ -66,7 +66,7 @@ references: @@ -1585,7 +1586,7 @@ index 3b28014d9..41c6e45a1 100644 stigid@sle15: SLES-15-030060 stigid@ubuntu2004: UBTU-20-010141 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml -index a9f55f14d..eec33824e 100644 +index bf3adae2f..423054155 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml @@ -57,7 +57,7 @@ references: @@ -1598,7 +1599,7 @@ index a9f55f14d..eec33824e 100644 stigid@sle15: SLES-15-030550 stigid@ubuntu2004: UBTU-20-010136 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index 01189ac3a..35f1f08cd 100644 +index 454f68577..03cc1e157 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -58,7 +58,7 @@ references: @@ -1611,7 +1612,7 @@ index 01189ac3a..35f1f08cd 100644 stigid@sle15: SLES-15-030560 stigid@ubuntu2004: UBTU-20-010161 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml -index a00cb6231..f398b9790 100644 +index ddd2466b3..bc30c6665 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml @@ -57,7 +57,7 @@ references: @@ -1624,10 +1625,10 @@ index a00cb6231..f398b9790 100644 stigid@ubuntu2004: UBTU-20-010139 stigid@ubuntu2204: UBTU-22-654115 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -index d0fa760e5..d70fbbae2 100644 +index d01d81fca..04c930100 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml -@@ -58,7 +58,7 @@ references: +@@ -61,7 +61,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000029-CTR-000085,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030640 stigid@ol8: OL08-00-030317 @@ -1650,7 +1651,7 @@ index 655f14784..cb8c772ff 100644 stigid@ubuntu2204: UBTU-22-654120 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml -index 7b5ffa69d..06263dfc0 100644 +index 8473b25a0..6ae9e6f22 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml @@ -54,7 +54,7 @@ references: @@ -1676,12 +1677,12 @@ index d54a24124..129eaeae3 100644 stigid@sle15: SLES-15-030500 stigid@ubuntu2004: UBTU-20-010176 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh -index b57078075..5d03b92a6 100644 +index 0a507477d..3f2662a3c 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # Traverse all of: # @@ -1697,10 +1698,10 @@ index 26d02c24e..28daa9106 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -index 1eae30fa7..356531c34 100644 +index 3e5198685..7fce51fd8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml -@@ -51,7 +51,7 @@ references: +@@ -53,7 +53,7 @@ references: pcidss: Req-10.5.2 srg: SRG-OS-000057-GPOS-00027,SRG-OS-000058-GPOS-00028,SRG-OS-000059-GPOS-00029,SRG-APP-000119-CTR-000245,SRG-APP-000120-CTR-000250 stigid@ol8: OL08-00-030121 @@ -1710,12 +1711,12 @@ index 1eae30fa7..356531c34 100644 ocil_clause: 'the audit system is not set to be immutable by adding the "-e 2" option to the end of "/etc/audit/audit.rules"' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml -index 94768073f..6fd009b50 100644 +index c2ea32950..9461a6dd4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low @@ -1733,22 +1734,22 @@ index ecdc6aa7e..50b9dc000 100644 ocil_clause: 'the system is not configured to make login UIDs immutable' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml -index e55119fd1..2e7514b51 100644 +index 8c67756e1..1a4c9d76e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh -index 79440e79b..614a4e09c 100644 +index e3db83b87..c079a751d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/selinux/", "wa", "MAC-policy") }}} @@ -1764,30 +1765,30 @@ index 889f83178..7896d4cb1 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml -index 496670fad..a9cce0a56 100644 +index cdfdf9b52..29f189f0d 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh -index b61368c0c..eb3bf47f9 100644 +index 4420771f2..66ae34c35 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/usr/share/selinux/", "wa", "MAC-policy") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -index 766663e81..c3ab87953 100644 +index 96a0fd181..8f8d29987 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-APP-000495-CTR-001235 stigid@ol7: OL07-00-030740 stigid@ol8: OL08-00-030302 @@ -1797,42 +1798,42 @@ index 766663e81..c3ab87953 100644 stigid@sle15: SLES-15-030350 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml -index fb56e5550..ea6929b63 100644 +index 302f4bb07..950668bd9 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot =false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh -index 1e040de05..65a6c1127 100644 +index c0fe07551..22e21e4b8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml -index 58be87f4b..3adce26dc 100644 +index 3f6757b1b..d3367c32b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian +-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh -index bd42cc0f1..366b790a4 100644 +index 74697befd..4b39bf705 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicor,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicor,multi_platform_ubuntu,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}} @@ -1874,7 +1875,7 @@ index 7a7c522d9..3265b03bf 100644 ocil_clause: 'the command does not return a line, or the line is commented out' diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml -index 0e882f8c9..e18326c0d 100644 +index 3028257be..49e27f007 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ @@ -1894,22 +1895,22 @@ index 15d6fa4e2..7f98c9915 100644 # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml -index 340551b27..3dcf0ed87 100644 +index 2388eaa50..e7e174451 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh -index 424d65c1f..f787822c0 100644 +index 3f80d0bec..f5d61164a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -1925,10 +1926,10 @@ index 323a798b1..46fad7416 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -index bd05c372a..28c92b0f4 100644 +index fe2ad3850..94e2346e4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -55,7 +55,7 @@ references: srg: SRG-OS-000326-GPOS-00126,SRG-OS-000327-GPOS-00127,SRG-APP-000343-CTR-000780,SRG-APP-000381-CTR-000905,SRG-OS-000755-GPOS-00220 stigid@ol7: OL07-00-030360 stigid@ol8: OL08-00-030000 @@ -1938,12 +1939,12 @@ index bd05c372a..28c92b0f4 100644 stigid@sle15: SLES-15-030640 stigid@ubuntu2004: UBTU-20-010211 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh -index 1dfe6124c..7e915ca96 100644 +index 26cd04adb..622a8eb57 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' @@ -1959,20 +1960,20 @@ index 336beb2b7..26c47e462 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh -index 07965e2c7..908fa6e54 100644 +index cd04490b2..312d7067b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index 9bb644fb7..597211c7e 100644 +index 23b6aa511..b6ccde579 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030871 stigid@ol8: OL08-00-030170 @@ -1982,10 +1983,10 @@ index 9bb644fb7..597211c7e 100644 stigid@sle15: SLES-15-030010 stigid@ubuntu2004: UBTU-20-010101 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 61e7ce7be..fd13a8fd5 100644 +index 66e53dab5..9c213c8fc 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030872 stigid@ol8: OL08-00-030160 @@ -1995,10 +1996,10 @@ index 61e7ce7be..fd13a8fd5 100644 stigid@sle15: SLES-15-030040 stigid@ubuntu2004: UBTU-20-010103 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index 5a62a050c..db6ddd67c 100644 +index f76934615..504881518 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000496-CTR-001240,SRG-APP-000497-CTR-001245,SRG-APP-000498-CTR-001250,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030874 stigid@ol8: OL08-00-030140 @@ -2008,10 +2009,10 @@ index 5a62a050c..db6ddd67c 100644 stigid@sle15: SLES-15-030030 stigid@ubuntu2004: UBTU-20-010104 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index adb4bfb33..c452fa1cc 100644 +index 45030b4f9..623656779 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000304-GPOS-00121,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-OS-000274-GPOS-00104,SRG-OS-000275-GPOS-00105,SRG-OS-000276-GPOS-00106,SRG-OS-000277-GPOS-00107,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030870 stigid@ol8: OL08-00-030150 @@ -2021,10 +2022,10 @@ index adb4bfb33..c452fa1cc 100644 stigid@sle15: SLES-15-030000 stigid@ubuntu2004: UBTU-20-010100 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index 10c1feb90..66a67c858 100644 +index 01ff15bf6..65d6337f3 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -@@ -56,7 +56,7 @@ references: +@@ -57,7 +57,7 @@ references: srg: SRG-OS-000004-GPOS-00004,SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000304-GPOS-00121,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000470-GPOS-00214,SRG-OS-000471-GPOS-00215,SRG-OS-000239-GPOS-00089,SRG-OS-000240-GPOS-00090,SRG-OS-000241-GPOS-00091,SRG-OS-000303-GPOS-00120,SRG-OS-000466-GPOS-00210,SRG-OS-000476-GPOS-00221,SRG-APP-000495-CTR-001235,SRG-APP-000499-CTR-001255,SRG-APP-000503-CTR-001275 stigid@ol7: OL07-00-030873 stigid@ol8: OL08-00-030130 @@ -2034,12 +2035,12 @@ index 10c1feb90..66a67c858 100644 stigid@sle15: SLES-15-030020 stigid@ubuntu2004: UBTU-20-010102 diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh -index 24b4da6b6..1b2b4dd27 100644 +index 12f82bc87..636ffd800 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml @@ -2054,12 +2055,12 @@ index 49c97e395..51f48c0f9 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh -index c511ede45..617b679c5 100644 +index cb450744b..9eeef4579 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # First perform the remediation of the syscall rule # Retrieve hardware architecture of the underlying system @@ -2075,12 +2076,12 @@ index ec76157d4..0f9e9f7cc 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh -index b7f44ab38..e6b1d1856 100644 +index d682463ec..13475da53 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml @@ -2095,12 +2096,12 @@ index 3f43030e9..85e9a47c8 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh -index b7f44ab38..e6b1d1856 100644 +index d682463ec..13475da53 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml @@ -2115,12 +2116,12 @@ index 8a58bbc38..1a73014dc 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh -index 0899dcded..fa722e21d 100644 +index 058968b6b..64acca994 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux # Perform the remediation for both possible tools: 'auditctl' and 'augenrules' {{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}} @@ -2136,12 +2137,12 @@ index 140506b60..4290a051f 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml -index ec17adf55..0ecb4079c 100644 +index e5051d1ce..c596765d1 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low @@ -2184,12 +2185,12 @@ index de4d603cd..a76d9c19b 100644 ocil_clause: the directory is not owned by root diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh -index 0dad1bfe1..29632f729 100644 +index aa7229be1..a0bfdefec 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev) @@ -2234,50 +2235,50 @@ index b558e92ad..d62740922 100644 $ sudo chmod 0700 [audit_log_directory] diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh -index 7e8c49123..999d914cd 100644 +index 999d914cd..be0a88b5b 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux source common_0700.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh -index 7cfadc195..3bb0cefbb 100644 +index 3bb0cefbb..6512a7c8f 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux source common_0700.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh -index 3654389ed..64e3e8ebc 100644 +index 64e3e8ebc..7fc43bba4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux source common_0700.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh -index b93254a4b..c7d66ccbb 100644 +index c7d66ccbb..ad3e1c375 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux source common_0700.sh @@ -2318,28 +2319,6 @@ index cf4b02b90..cd69f17c2 100644 if grep -iwq "log_file" /etc/audit/auditd.conf; then FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') -diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml -index 95acf5905..18954ffa1 100644 ---- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml -+++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/oval/shared.xml -@@ -6,7 +6,7 @@ - - - -- {{% if product in ["ol8", "rhel8"] %}} -+ {{% if product in ["ol8", "rhel8", "almalinux8"] %}} - - -@@ -28,7 +28,7 @@ - state_owner_not_root_var_log_audit - - -- {{% if product in ["ol8", "rhel8"] %}} -+ {{% if product in ["ol8", "rhel8", "almalinux8"] %}} - diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml index 703a5d470..c8e265b3e 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml @@ -2354,15 +2333,15 @@ index 703a5d470..c8e265b3e 100644 stigid@ubuntu2204: UBTU-22-653050 diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh -index 3a0d9a4e9..ab43ceb2b 100644 +index ae6cfb0cb..3f958b129 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux #!/bin/bash - sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf + # packages = audit diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh index d597ca07f..75a41c4fd 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value.fail.sh @@ -2377,32 +2356,32 @@ index d597ca07f..75a41c4fd 100644 chown testuser_123 $FILE {{% else %}} diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh -index 1879113b8..8798ae1ae 100644 +index 751a239cc..76cec50ff 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux #!/bin/bash - sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf + # packages = audit diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml -index 722f6731a..7f1879db2 100644 +index 94afe4fb6..d00fb45f0 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh -index 0b42da512..013401d8c 100644 +index e785a337a..33943c2b7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ') @@ -2420,66 +2399,66 @@ index 19e01c03a..9588a89c8 100644 ocil_clause: 'any permissions are more permissive' diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh -index 15023ca70..488ef3e3f 100644 +index 488ef3e3f..541b9fef8 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # packages = audit source common_0600.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh -index 04d76809f..6475f83ae 100644 +index 6475f83ae..e43f83687 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # packages = audit source common_0600.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh -index aea9d1b10..3f045e4c7 100644 +index 3f045e4c7..4ffe4b970 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # packages = audit source common_0600.sh diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh -index 003e3330f..368540adc 100644 +index 368540adc..a6d70cef7 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh +++ b/linux_os/guide/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # packages = audit source common_0600.sh diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml -index 083f32d74..655635941 100644 +index ab42525e8..dd31e073d 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh -index e5743cfad..b60215a3e 100644 +index ec7f65904..411e189b8 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_audispd_remote_server") }}} @@ -2508,7 +2487,7 @@ index 0bfa82083..93b11eb05 100644 . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml -index 5f12eb017..73493b7cf 100644 +index 9fdd5f730..dccc1f6b4 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml @@ -48,7 +48,7 @@ references: @@ -2521,22 +2500,22 @@ index 5f12eb017..73493b7cf 100644 stigid@sle15: SLES-15-030660 stigid@ubuntu2004: UBTU-20-010215 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml -index d4ba66ac7..de8c26b9c 100644 +index 5aeee8497..0f787ef9f 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh -index 76c1ad183..18a751f06 100644 +index 342dc194b..260ab2d1b 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_audispd_disk_full_action") }}} @@ -2646,44 +2625,44 @@ index 864e97b31..8c16af8f9 100644 . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml -index d238e7277..cbeae4d55 100644 +index a530050a7..f1968b595 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh -index 90f6fbc93..d64b401df 100644 +index ad402cfd6..3ea8445ca 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_audispd_network_failure_action") }}} diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh -index 28d00f26e..bf391529f 100644 +index 7635a2b72..e442a18e1 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh -index fea488a3e..62a08e1c7 100644 +index 3904e261e..4b0c1776e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux . $SHARED/auditd_utils.sh prepare_auditd_test_enviroment @@ -2724,22 +2703,22 @@ index 0bb1518ef..c54736340 100644 . $SHARED/auditd_utils.sh diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml -index b075778f5..d9baf1b4f 100644 +index d9baf1b4f..fb08483c0 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh -index d0065b38c..7027992a4 100644 +index 9ab82bcdd..8b833c5d7 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}} @@ -2755,10 +2734,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -index c06cf1145..9456949fe 100644 +index c3734c2bf..c8547b5eb 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/rule.yml -@@ -38,7 +38,7 @@ references: +@@ -43,7 +43,7 @@ references: nist-csf: DE.AE-3,DE.AE-5,PR.DS-4,PR.PT-1,RS.AN-1,RS.AN-4 srg: SRG-OS-000047-GPOS-00023,SRG-APP-000098-CTR-000185,SRG-APP-000099-CTR-000190,SRG-APP-000100-CTR-000195,SRG-APP-000100-CTR-000200,SRG-APP-000109-CTR-000215,SRG-APP-000290-CTR-000670,SRG-APP-000357-CTR-000800 stigid@ol8: OL08-00-030040 @@ -2768,22 +2747,22 @@ index c06cf1145..9456949fe 100644 ocil_clause: 'there is no evidence of appropriate action' diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml -index 06f4a10c6..ba788edbf 100644 +index ba788edbf..d0ffec4b1 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh -index 78726bbc6..0a36846ab 100644 +index 0a36846ab..53f87b776 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_disk_error_action") }}} @@ -2799,22 +2778,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml -index 4205bb067..d7a1a4d8b 100644 +index 1b21009d5..627a30d00 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh -index 698076ac8..e59677252 100644 +index d9a56d9a7..f2bac914c 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}} @@ -2830,10 +2809,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -index e595e81c2..ee1b38b6e 100644 +index 55ec11167..79ab2e8a0 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -49,7 +49,7 @@ references: nist@sle12: AU-5(b),AU-5.1(iv) srg: SRG-OS-000047-GPOS-00023 stigid@ol8: OL08-00-030060 @@ -2843,22 +2822,22 @@ index e595e81c2..ee1b38b6e 100644 stigid@sle15: SLES-15-030590 stigid@ubuntu2004: UBTU-20-010118 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml -index 61cc4751d..7f66a5c15 100644 +index 4e9946d74..56b6296dc 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh -index 8ab6e16ab..110211558 100644 +index 3e8485ad1..070944901 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_disk_full_action") }}} @@ -2874,30 +2853,30 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml -index bcb4b0de9..2f6e309d3 100644 +index d106d2bc7..05f39159b 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh -index 06d79abb6..258378a89 100644 +index 3c6dd5aea..333f384bb 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}} diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -index 516591612..7ecb7908e 100644 +index ea6b13852..574d80fac 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -47,7 +47,7 @@ references: srg: SRG-OS-000046-GPOS-00022,SRG-OS-000343-GPOS-00134 stigid@ol7: OL07-00-030350 stigid@ol8: OL08-00-030020 @@ -2907,22 +2886,22 @@ index 516591612..7ecb7908e 100644 stigid@sle15: SLES-15-030570 stigid@ubuntu2004: UBTU-20-010117 diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml -index 49efdc918..ab901e892 100644 +index b7dea7332..6feca20d8 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh -index f377a92dd..44680a119 100644 +index bbe421d6e..0edfb9751 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_admin_space_left_action") }}} @@ -2938,22 +2917,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml -index 9c8afcfa3..53a6da7e0 100644 +index 775930d4b..efe230b2f 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh -index 79b916559..40632d099 100644 +index c349b8c7f..04135f4fe 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_flush") }}} @@ -2969,94 +2948,94 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh -index ba44b2bb5..303e1d8f7 100644 +index 303e1d8f7..08a5bde4a 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh -index a8f68412c..0c0d35e0d 100644 +index 0c0d35e0d..fb06ca774 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh -index f3301e81a..eb39696dd 100644 +index eb39696dd..e6ee74074 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh -index 64ebd312f..c43471049 100644 +index c43471049..e5616b688 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh -index f6e0c1088..a51782746 100644 +index a51782746..4ee357cac 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh -index 47f3daf89..5cab1da02 100644 +index 5cab1da02..762fab504 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = audit --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # profiles = xccdf_org.ssgproject.content_profile_ospp # remediation = bash diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml -index c70cd104e..c97fbf56e 100644 +index 6b0994744..66d9caa8e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh -index 8a53bf847..95c5446b6 100644 +index 32e2b70b0..2130bcfe4 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_max_log_file") }}} @@ -3072,22 +3051,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml -index 69ae3cb89..f48f36569 100644 +index 925344212..9771b1a9e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh -index 5007f965f..4c06ea831 100644 +index c12f6315d..ef3a3786c 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}} @@ -3103,22 +3082,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml -index 69ae3cb89..f48f36569 100644 +index dcbd05b96..c6d5d90fc 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh -index 4609f8ec9..f4b4664e3 100644 +index 39bb41ecb..d9b9ad7f0 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}} @@ -3134,12 +3113,12 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml -index 7deaa0607..748a59d80 100644 +index 066b46a33..8ee3e725d 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low @@ -3155,22 +3134,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml -index ab0bea58e..a6158699d 100644 +index f5138053d..3c3222843 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh -index a53f062b5..e0200450d 100644 +index c0225b9f0..af081c2d6 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_space_left") }}} @@ -3186,22 +3165,22 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml -index bf6dec7e1..5ab7ec344 100644 +index 862132327..04e4ef154 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh -index e6a508f32..4be7f5b35 100644 +index 23910b030..53bc52ea6 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_auditd_space_left_action") }}} @@ -3217,10 +3196,10 @@ index 55f407e01..b9084af21 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -index 1956706cf..cfb908562 100644 +index 30931a5e2..40de099cd 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml -@@ -57,7 +57,7 @@ references: +@@ -58,7 +58,7 @@ references: srg: SRG-OS-000343-GPOS-00134 stigid@ol7: OL07-00-030340 stigid@ol8: OL08-00-030731 @@ -3302,22 +3281,22 @@ index 1e4489ec6..9efec94dd 100644 ocil_clause: log_format isn't set to ENRICHED diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml -index 64042da08..2a1e5e6d8 100644 +index 5c892f4e0..7ffc38921 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh -index 638b566dc..8c5acfbe9 100644 +index 3bac5b229..c42a39cfa 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low @@ -3346,22 +3325,22 @@ index 3adb155e4..6ffb0c791 100644 ocil_clause: name_format isn't set to {{{ xccdf_value("var_auditd_name_format") }}} diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml -index 37fc1df9b..18d04768e 100644 +index d5ae20b44..46fc816af 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh -index aba1bf099..e628e189c 100644 +index da1b3eb04..6c238a27e 100644 --- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh +++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux # reboot = true # strategy = restrict # complexity = low @@ -3402,11 +3381,37 @@ index bcafc35b8..1579dc90f 100644 The setting for remote_server in /etc/audit/audisp-remote.conf {{% else %}} The setting for remote_server in /etc/audisp/audisp-remote.conf +diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml +index 50f9e7742..e60a7155e 100644 +--- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml ++++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_auditd/rule.yml +@@ -28,7 +28,7 @@ references: + nist: AU-12(b) + srg: SRG-OS-000063-GPOS-00032 + stigid@ol8: OL08-00-030610 +- stigid@rhel8: RHEL-08-030610 ++ stigid@almalinux8: RHEL-08-030610 + stigid@ubuntu2004: UBTU-20-010133 + stigid@ubuntu2204: UBTU-22-653065 + +diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml +index 47c502bef..3a05556b9 100644 +--- a/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml ++++ b/linux_os/guide/auditing/file_permissions_auditd/file_permissions_etc_audit_rulesd/rule.yml +@@ -28,7 +28,7 @@ references: + nist: AU-12(b) + srg: SRG-OS-000063-GPOS-00032 + stigid@ol8: OL08-00-030610 +- stigid@rhel8: RHEL-08-030610 ++ stigid@almalinux8: RHEL-08-030610 + stigid@ubuntu2004: UBTU-20-010133 + stigid@ubuntu2204: UBTU-22-653065 + diff --git a/linux_os/guide/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_argument/rule.yml -index c299d690b..16d97a7b3 100644 +index e53a46352..48cb9c37d 100644 --- a/linux_os/guide/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_argument/rule.yml -@@ -44,7 +44,7 @@ references: +@@ -46,7 +46,7 @@ references: pcidss: Req-10.3 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215,SRG-OS-000473-GPOS-00218,SRG-OS-000254-GPOS-00095 stigid@ol8: OL08-00-030601 @@ -3427,10 +3432,10 @@ index 065c1d459..75db9892c 100644 # Break the audit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml -index 29aa7f9ad..ce9b67832 100644 +index 3caeb9ae7..d759aa716 100644 --- a/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/auditing/grub2_audit_backlog_limit_argument/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -36,7 +36,7 @@ references: ospp: FAU_STG.1,FAU_STG.3 srg: SRG-OS-000037-GPOS-00015,SRG-OS-000042-GPOS-00020,SRG-OS-000062-GPOS-00031,SRG-OS-000254-GPOS-00095,SRG-OS-000341-GPOS-00132,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215 stigid@ol8: OL08-00-030602 @@ -3461,10 +3466,10 @@ index f93dc5644..1fa37409f 100644 # Break the audit_backlog_limit argument in kernel command line in /boot/grub2/grubenv file="/boot/grub2/grubenv" diff --git a/linux_os/guide/auditing/package_audit_installed/rule.yml b/linux_os/guide/auditing/package_audit_installed/rule.yml -index 466f246e1..e2d0c9a57 100644 +index 6353d9d95..12a9aced8 100644 --- a/linux_os/guide/auditing/package_audit_installed/rule.yml +++ b/linux_os/guide/auditing/package_audit_installed/rule.yml -@@ -31,7 +31,7 @@ references: +@@ -32,7 +32,7 @@ references: pcidss: Req-10.1 srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220 stigid@ol8: OL08-00-030180 @@ -3727,7 +3732,7 @@ index 231034a9c..460877cec 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml -index 6002067e5..0515753c4 100644 +index 96ee57492..09bfe412b 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -3738,7 +3743,7 @@ index 6002067e5..0515753c4 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml -index c122b209f..d1f676a94 100644 +index ac946bfe0..7480f574f 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -3749,7 +3754,7 @@ index c122b209f..d1f676a94 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml -index fa81ece03..7a26684d2 100644 +index 23940aca3..8775144da 100644 --- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml +++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml @@ -1,5 +1,5 @@ @@ -3760,21 +3765,21 @@ index fa81ece03..7a26684d2 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml b/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml -index 89d6152dc..7afbf02b7 100644 +index d70308991..449460b4d 100644 --- a/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml +++ b/linux_os/guide/auditing/service_auditd_enabled/kubernetes/shared.yml @@ -1,5 +1,5 @@ --- --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux apiVersion: machineconfiguration.openshift.io/v1 kind: MachineConfig spec: diff --git a/linux_os/guide/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/auditing/service_auditd_enabled/rule.yml -index 855978657..1aa6504c6 100644 +index 675afac32..db22141bb 100644 --- a/linux_os/guide/auditing/service_auditd_enabled/rule.yml +++ b/linux_os/guide/auditing/service_auditd_enabled/rule.yml -@@ -55,7 +55,7 @@ references: +@@ -56,7 +56,7 @@ references: srg: SRG-OS-000062-GPOS-00031,SRG-OS-000037-GPOS-00015,SRG-OS-000038-GPOS-00016,SRG-OS-000039-GPOS-00017,SRG-OS-000040-GPOS-00018,SRG-OS-000041-GPOS-00019,SRG-OS-000042-GPOS-00021,SRG-OS-000051-GPOS-00024,SRG-OS-000054-GPOS-00025,SRG-OS-000122-GPOS-00063,SRG-OS-000254-GPOS-00095,SRG-OS-000255-GPOS-00096,SRG-OS-000337-GPOS-00129,SRG-OS-000348-GPOS-00136,SRG-OS-000349-GPOS-00137,SRG-OS-000350-GPOS-00138,SRG-OS-000351-GPOS-00139,SRG-OS-000352-GPOS-00140,SRG-OS-000353-GPOS-00141,SRG-OS-000354-GPOS-00142,SRG-OS-000358-GPOS-00145,SRG-OS-000365-GPOS-00152,SRG-OS-000392-GPOS-00172,SRG-OS-000475-GPOS-00220,SRG-APP-000095-CTR-000170,SRG-APP-000409-CTR-000990,SRG-APP-000508-CTR-001300,SRG-APP-000510-CTR-001310 stigid@ol7: OL07-00-030000 stigid@ol8: OL08-00-030181 @@ -3797,12 +3802,12 @@ index 4613ec199..1e9063ce9 100644 {{{ complete_ocil_entry_package(package="abrt") }}} diff --git a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda -index 1f6a233ed..9f3a4d6b4 100644 +index 402d15b72..47bd78fc4 100644 --- a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda +++ b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux kdump --disable diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml @@ -3818,6 +3823,16 @@ index 6ac54b57b..bb599fdaa 100644 stigid@sle12: SLES-12-010840 stigid@sle15: SLES-15-040190 stigid@ubuntu2004: UBTU-20-010413 +diff --git a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml +index 617dc8b2a..f1a6aa4ae 100644 +--- a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml ++++ b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml +@@ -1,4 +1,4 @@ +-{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "rhel10", "sle12", "sle15"] %}} ++{{% if product in [ "ol9", "ol10", "rhel8", "almalinux8", "rhel9", "rhel10", "sle12", "sle15"] %}} + {{% set package_name = "cronie" %}} + {{% else %}} + {{% set package_name = "cron" %}} diff --git a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml index 7977cba9f..2f6eb4edf 100644 --- a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml @@ -3860,11 +3875,11 @@ index 67fc86c42..a397633e8 100644 Build the whitelist in the "/etc/fapolicyd/fapolicyd.rules" file ensuring the last rule is "deny perm=any all : all". diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -index 5b602d196..83f10383e 100644 +index 5149ccb54..ba4119ca0 100644 --- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml +++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml -@@ -23,7 +23,7 @@ references: - nist: CM-6(a),SI-4(22) +@@ -24,7 +24,7 @@ references: + ospp: FMT_SMF_EXT.1 srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230 stigid@ol8: OL08-00-040135 - stigid@rhel8: RHEL-08-040135 @@ -3886,10 +3901,10 @@ index d1b5254d2..828ac2fd7 100644 ocil_clause: 'the service is not enabled' diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -index d811d3f56..11c584793 100644 +index fecfd7986..6a7709ea2 100644 --- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml +++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml -@@ -34,7 +34,7 @@ references: +@@ -36,7 +36,7 @@ references: srg: SRG-OS-000074-GPOS-00042,SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040690 stigid@ol8: OL08-00-040360 @@ -3899,10 +3914,10 @@ index d811d3f56..11c584793 100644 stigid@sle15: SLES-15-010030 diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -index 181c6b3b0..375c03301 100644 +index a68fa90a8..5cd576d4e 100644 --- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml +++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml -@@ -26,7 +26,7 @@ references: +@@ -25,7 +25,7 @@ references: ism: 0418,1055,1402 srg: SRG-OS-000120-GPOS-00061 stigid@ol8: OL08-00-010161 @@ -3925,12 +3940,12 @@ index 36dc8de85..e64652a1b 100644 platforms: - krb5_server_older_than_1_17-18 diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh -index 646e63f4b..cb346ebf4 100644 +index 1edc59e35..8ee6da1fe 100644 --- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh +++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux # Use LDAP for authentication @@ -4007,22 +4022,22 @@ index 6b5349b41..1873724cd 100644 ocil_clause: 'the alias is not set or is not root' diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml -index ef8290b59..ad730ee5c 100644 +index fc2604905..fc5358f34 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh -index befe1acf3..e36b1fd3e 100644 +index ecc4cdbb0..74ecd3a36 100644 --- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh +++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux {{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}} @@ -4103,12 +4118,12 @@ index fdfe38968..92a468e1e 100644 {{{ bash_package_remove("ntp") }}} diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh -index 524cdc7d0..2678708d2 100644 +index cd57ee786..9d4bd1536 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_replace_or_append(chrony_conf_path, '^port', '0', '%s %s') }}} @@ -4124,10 +4139,10 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -index 815a75520..8a917babb 100644 +index b37e8c606..e38d1ae22 100644 --- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml -@@ -28,7 +28,7 @@ references: +@@ -29,7 +29,7 @@ references: ospp: FMT_SMF_EXT.1 srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030741 @@ -4137,12 +4152,12 @@ index 815a75520..8a917babb 100644 ocil_clause: 'the "port" option is not set to "0", is commented out, or is missing' diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh -index 25b768688..a1e46bc12 100644 +index 530dadf92..fbd49988f 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_replace_or_append(chrony_conf_path, '^cmdport', '0', '%s %s') }}} @@ -4158,10 +4173,10 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -index 5dd6dcdd9..5c94f9f9d 100644 +index 7a926f6fe..5d9485f1b 100644 --- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml -@@ -26,7 +26,7 @@ references: +@@ -27,7 +27,7 @@ references: nist: CM-7(1) srg: SRG-OS-000096-GPOS-00050,SRG-OS-000095-GPOS-00049 stigid@ol8: OL08-00-030742 @@ -4221,12 +4236,12 @@ index f6da9d51f..2eeff701b 100644 {{{ bash_package_remove("ntp") }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh -index f82c5018e..4ab4df582 100644 +index ac8331a87..9624f2a68 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux {{{ bash_instantiate_variables("var_multiple_time_servers") }}} @@ -4242,12 +4257,12 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh -index c8619f66e..141adec0b 100644 +index 3a3a23fe9..299d89cf8 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol +-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_instantiate_variables("var_multiple_time_servers") }}} @@ -4263,78 +4278,78 @@ index c435df983..b80ffbf7b 100644 # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml -index b7eaee763..ceeb3228c 100644 +index d486aa76f..f8d6d0a4d 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh -index 2e3d4e406..a348b99df 100644 +index 5ff9c9622..6d5f0533e 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # packages = chrony diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh -index b75e59c2e..6c3415c34 100644 +index 4de1100fc..7dc4f1ac8 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # packages = chrony diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh -index e7c266e7f..7ce4dd93a 100644 +index a6aec8b43..6f69b2e2c 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_almalinux # packages = chrony diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh -index 7b9cbcb9a..154effcbd 100644 +index eab887d1e..405052a61 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_almalinux # packages = chrony diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh -index 0b8c54cfb..7a44d477b 100644 +index 59ae881be..2012f377b 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # packages = chrony diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh -index 69908e41f..0c506bca3 100644 +index 3d61831a4..6fdb4f927 100644 --- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # packages = chrony @@ -4352,74 +4367,74 @@ index 353812b08..2eb12a06e 100644 ocil_clause: 'an authoritative remote time server is not configured or configured with pool directive' diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh -index b2427c1d5..2d62ca68b 100644 +index 2d62ca68b..a1e31becd 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # remediation = none echo "" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh -index 16c634e0a..e0e0b136a 100644 +index e0e0b136a..e580935c3 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # remediation = none rm -f {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh -index 56b414e2e..c28bc2f7f 100644 +index c28bc2f7f..1531b723f 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # remediation = none echo "some line" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh -index 01a21e0b0..3b8082c73 100644 +index 3b8082c73..46d315330 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # remediation = none sed -i "^pool.*" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh -index 6f45a555f..5d03e6e21 100644 +index 5d03e6e21..5d4635d79 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # remediation = none sed -i "^server.*" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh -index ec9e58c75..1a31ccf74 100644 +index 1a31ccf74..cb3e12f9e 100644 --- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux sed -i "^pool.*" {{{ chrony_conf_path }}} echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} @@ -4437,101 +4452,101 @@ index 516a57a68..1b36373e5 100644 ocil_clause: 'a remote time server is not configured' diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh -index d74bde623..8f83241cd 100644 +index 8f83241cd..f2cdded0d 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh -index 56cee5abd..a8d771d62 100644 +index a8d771d62..ae0616c78 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "pool 0.pool.ntp.org" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh -index 50e0715cc..e75a1ec07 100644 +index e75a1ec07..16f42a823 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "" > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh -index d89bdb1e5..a56b2e0dc 100644 +index a56b2e0dc..00c521da0 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux rm -f {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh -index ce121222a..3c7d36f8b 100644 +index 3c7d36f8b..611671aa1 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "some line" > {{{ chrony_conf_path }}} echo "another line" >> {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh -index 917d2e610..eccff3389 100644 +index eccff3389..5ed2a891b 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh @@ -1,6 +1,6 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}} echo "server 1.pool.ntp.org" >> {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh -index 5f0ad2c6e..7c6175efb 100644 +index 7c6175efb..82702e161 100644 --- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash # packages = chrony --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux echo "server " > {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml -index ff1bfe242..b8fbb95c1 100644 +index 752528317..8b06d668e 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = enable # complexity = low diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh -index b322a02cf..f9c83a600 100644 +index e2af37ad2..14fd678e8 100644 --- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh +++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle -+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle +-# platform = Red Hat Enterprise Linux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = enable # complexity = low @@ -4562,22 +4577,22 @@ index 8ea49101f..7d4e47fb9 100644 stigid@sle15: SLES-15-040030 diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml -index 9c6fc297c..7db8e8320 100644 +index 1000f014b..3919f4e97 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle -+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle +-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux # reboot = false # strategy = restrict # complexity = low diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh -index e64838b15..baaa07631 100644 +index 1f32d1374..8d36a9622 100644 --- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh +++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu -+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu +-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux find /root -xdev -type f -name ".rhosts" -exec rm -f {} \; find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \; @@ -4617,12 +4632,12 @@ index 3c2b23136..44a4266fb 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -index 38024ff19..9d507bc24 100644 +index 011a419a9..de86972f8 100644 --- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml +++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml -@@ -56,7 +56,7 @@ template: - pkgname@ubuntu2004: rsh-client +@@ -59,7 +59,7 @@ template: pkgname@ubuntu2204: rsh-client + pkgname@ubuntu2404: rsh-client -{{% if product in ["rhel8", "rhel9"] %}} +{{% if product in ["rhel8", "almalinux8", "rhel9"] %}} @@ -4643,10 +4658,10 @@ index a820ba060..2b38dc61f 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -index 5e382e97b..3dcc86722 100644 +index 58c464869..4c9d3a00c 100644 --- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml +++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml -@@ -38,7 +38,7 @@ template: +@@ -40,7 +40,7 @@ template: vars: pkgname: talk @@ -4656,10 +4671,10 @@ index 5e382e97b..3dcc86722 100644 - general: The package is not available in {{{ full_name }}}. diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -index 263d036f9..63cfe4fcb 100644 +index eb3db257a..e1affb1e8 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -@@ -46,7 +46,7 @@ references: +@@ -48,7 +48,7 @@ references: srg: SRG-OS-000095-GPOS-00049 stigid@ol7: OL07-00-021710 stigid@ol8: OL08-00-040000 @@ -4669,17 +4684,17 @@ index 263d036f9..63cfe4fcb 100644 stigid@sle15: SLES-15-010180 diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index 72e6a5780..dbd1dbd76 100644 +index 3f6b4f8cb..b2ded3e59 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -@@ -35,7 +35,7 @@ references: +@@ -40,7 +40,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040700 stigid@ol8: OL08-00-040190 - stigid@rhel8: RHEL-08-040190 + stigid@almalinux8: RHEL-08-040190 - {{{ complete_ocil_entry_package(package="tftp-server") }}} + {{{ complete_ocil_entry_package(package=package_name) }}} diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml index 8b3864392..0c9ad8711 100644 @@ -4798,152 +4813,152 @@ index c54b259d0..78a682cc8 100644 {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}} diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh -index cd5171c1b..6301578ba 100644 +index fbda6fd60..d1a638d99 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux + {{% set dedicated_ssh_groupname = groups.get("dedicated_ssh_keyowner", {}).get("name", "root") %}} - if ! grep -q ssh_keys /etc/group; then - groupadd ssh_keys + if ! grep -q "{{{ dedicated_ssh_groupname }}}" /etc/group; then diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh -index 840370623..c64f052be 100644 +index c64f052be..402936cc4 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_group="cac_testgroup" groupadd $test_group diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh -index 4964fe4a1..f5fd88dd3 100644 +index 408472a24..4dc8f50ef 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux + {{% set dedicated_ssh_groupname = groups.get("dedicated_ssh_keyowner", {}).get("name", "root") %}} test_group="cac_testgroup" - groupadd $test_group diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh -index 8028e0466..36ebda0b3 100644 +index 36ebda0b3..a6563fd32 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub) chgrp root "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh -index 56c713f3d..505f3adfb 100644 +index 505f3adfb..23425740c 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_group="cac_testgroup" groupadd $test_group diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh -index 7cffa2c97..9c0f3a28b 100644 +index 9c0f3a28b..b1b4cf85b 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux rm -f /etc/ssh/*.pub diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh -index b6bef987d..799d5044b 100644 +index 799d5044b..409c163a4 100644 --- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh +++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_group="cac_testgroup" groupadd $test_group diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh -index b36e8a3d7..494455df2 100644 +index 494455df2..70aba322d 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) chown root "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh -index 30da398eb..4ee3a3c1f 100644 +index 4ee3a3c1f..2d9dc174d 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_user="cac_testuser" useradd $test_user diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh -index 59f414be3..484da1eec 100644 +index 484da1eec..e2b7d8ae2 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_user="cac_testuser" useradd $test_user diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh -index adc985a1a..489f65995 100644 +index 489f65995..d4d95581b 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub) chown root "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh -index 4fa528fe3..bbc3c6147 100644 +index bbc3c6147..1f3e52620 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_user="cac_testuser" useradd $test_user diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh -index 16878dc1d..6c3983a9d 100644 +index 6c3983a9d..99dc90fbc 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh +++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux test_user="cac_testuser" useradd $test_user diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -index 7469527d6..e83611da2 100644 +index 8e73eb2e5..ecdc62c46 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040420 stigid@ol8: OL08-00-010490 @@ -4953,43 +4968,43 @@ index 7469527d6..e83611da2 100644 stigid@sle15: SLES-15-040250 diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh -index 28325e1f7..d19148a0b 100644 +index 87e5d757e..f8c229dc8 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux + + {{% set dedicated_ssh_groupname = groups.get("dedicated_ssh_keyowner", {"name": "root"}).get("name") %}} - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root:ssh_keys "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh -index 63e2d8642..8a5a658b5 100644 +index fc87b17e8..6e8614707 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux + + {{% set dedicated_ssh_groupname = groups.get("dedicated_ssh_keyowner", {"name": "root"}).get("name") %}} - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root:ssh_keys "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh -index 48ecfbcac..c5a05db8b 100644 +index b95f1c89a..56427888b 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh +++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux + + {{% set dedicated_ssh_groupname = groups.get("dedicated_ssh_keyowner", {"name": "root"}).get("name") %}} - FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key) - chown root:ssh_keys "$FAKE_KEY" diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -index 6b70b8e5c..ba1394e94 100644 +index 9e802982d..20d9545a2 100644 --- a/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml +++ b/linux_os/guide/services/ssh/file_permissions_sshd_pub_key/rule.yml -@@ -37,7 +37,7 @@ references: +@@ -38,7 +38,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040410 stigid@ol8: OL08-00-010480 @@ -5012,7 +5027,7 @@ index 27e2fe7ba..5cfd5d9c9 100644 stigid@ubuntu2204: UBTU-22-255010 diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml -index a8774a1b5..a2c9081ba 100644 +index 46d2a4599..4ad07b099 100644 --- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml +++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml @@ -40,7 +40,7 @@ references: @@ -5089,10 +5104,10 @@ index 5a97f74df..104b27f3f 100644 kind: MachineConfig spec: diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -index 8f9ec93a5..4137c8051 100644 +index 3f4b9fb42..df175a70c 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: srg: SRG-OS-000106-GPOS-00053,SRG-OS-000480-GPOS-00229,SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-010300 stigid@ol8: OL08-00-020330 @@ -5128,10 +5143,10 @@ index baa1a8c31..9591371cc 100644 {{{ complete_ocil_entry_sshd_option(default="yes", option="KerberosAuthentication", value="no") }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -index 9a07f75ee..9a2244fbb 100644 +index 5ef44759f..0ec26af63 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml -@@ -49,7 +49,7 @@ references: +@@ -50,7 +50,7 @@ references: srg: SRG-OS-000109-GPOS-00056,SRG-OS-000480-GPOS-00227,SRG-APP-000148-CTR-000335,SRG-APP-000190-CTR-000500 stigid@ol7: OL07-00-040370 stigid@ol8: OL08-00-010550 @@ -5154,10 +5169,10 @@ index 362fe2673..a091f8c9b 100644 stigid@sle15: SLES-15-040230 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -index f520fbad5..63e00a574 100644 +index 9fa2cb3cd..cdd5e9a94 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml -@@ -43,7 +43,7 @@ references: +@@ -44,7 +44,7 @@ references: srg: SRG-OS-000480-GPOS-00227 stigid@ol7: OL07-00-040710 stigid@ol8: OL08-00-040340 @@ -5167,10 +5182,10 @@ index f520fbad5..63e00a574 100644 stigid@ubuntu2004: UBTU-20-010048 stigid@ubuntu2204: UBTU-22-255040 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -index 8c524bdcd..4da257f8e 100644 +index 6c1a29f3f..ba96ded74 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml -@@ -47,7 +47,7 @@ references: +@@ -48,7 +48,7 @@ references: srg: SRG-OS-000480-GPOS-00229 stigid@ol7: OL07-00-010460 stigid@ol8: OL08-00-010830 @@ -5193,10 +5208,10 @@ index 3320ebf99..15111b069 100644 stigid@sle15: SLES-15-040260 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -index 6888999e6..ee6da669f 100644 +index 2437b9f0f..f845afee1 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml -@@ -45,7 +45,7 @@ references: +@@ -46,7 +46,7 @@ references: srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088 stigid@ol7: OL07-00-040170 stigid@ol8: OL08-00-010040 @@ -5242,10 +5257,10 @@ index a31a14f8a..08ad17d7b 100644 mkdir -p /etc/ssh/sshd_config.d diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -index 696e203cd..854132594 100644 +index 1e9c04404..262cf38a6 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml -@@ -53,7 +53,7 @@ references: +@@ -54,7 +54,7 @@ references: srg: SRG-OS-000126-GPOS-00066,SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109,SRG-OS-000395-GPOS-00175 stigid@ol7: OL07-00-040320 stigid@ol8: OL08-00-010201 @@ -5255,10 +5270,10 @@ index 696e203cd..854132594 100644 stigid@sle15: SLES-15-010280 stigid@ubuntu2004: UBTU-20-010037 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -index 75789bf3b..1c230359d 100644 +index 56e90a9e5..f8cc88f4c 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml -@@ -52,7 +52,7 @@ references: +@@ -53,7 +53,7 @@ references: pcidss: Req-8.1.8 srg: SRG-OS-000163-GPOS-00072,SRG-OS-000279-GPOS-00109 stigid@ol8: OL08-00-010200 @@ -5268,18 +5283,18 @@ index 75789bf3b..1c230359d 100644 stigid@sle15: SLES-15-010320 stigid@ubuntu2004: UBTU-20-010036 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh -index e38b6bf60..4658991c3 100644 +index fce5bd18e..5067ec7b1 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers_ordered_stig/tests/correct_reduced_list.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux if grep -q "^Ciphers" /etc/ssh/sshd_config; then sed -i "s/^Ciphers.*/Ciphers aes192-ctr,aes128-ctr/" /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml -index bfd521ac1..97642c41c 100644 +index 8a48ac77d..3bb124d42 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/rule.yml @@ -47,7 +47,7 @@ references: @@ -5292,46 +5307,46 @@ index bfd521ac1..97642c41c 100644 stigid@sle15: SLES-15-040450 stigid@ubuntu2004: UBTU-20-010045 diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh -index 925d9862f..d3146b477 100644 +index 314d61bcc..8df83f8c9 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh -index a2af968bb..34dc5eae4 100644 +index 371994f0a..d3e5053c3 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh -index b99287bd4..49cfc66c0 100644 +index 24abc3657..73c299a19 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh -index 0dc5ce52d..2e01aa869 100644 +index 3e1d6cf63..f6610b8f6 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh @@ -5347,102 +5362,102 @@ index 3fd2901a9..2e3d34fef 100644 source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh -index d0fdba3e0..562580591 100644 +index 9b29c341e..bb9c8e6f8 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh @@ -1,4 +1,4 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh -index 46040718a..82010363d 100644 +index a57f854e8..21af5e100 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh -index 15cf3f7fa..be91dfca7 100644 +index 9a81d884e..d07425b4d 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux source common.sh diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh -index edb2553d2..2bfd42c86 100644 +index 2bfd42c86..d902546e9 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com", '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh -index b903a7a08..cd6f95db4 100644 +index cd6f95db4..fd103a841 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux {{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}} diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh -index e0a7f0ac5..20fbef899 100644 +index 804b9961c..4d1454406 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/tests/correct_reduced_list.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux if grep -q "^MACs" /etc/ssh/sshd_config; then sed -i "s/^MACs.*/MACs hmac-sha2-512/" /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh -index ba493f99f..dad0a61e3 100644 +index dad0a61e3..b9167c2af 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux sed -i 's/^\s*Ciphers\s.*//i' /etc/ssh/sshd_config echo "Ciphers aes256-ctr" >> /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh -index 27a2e37ac..3e678dccb 100644 +index 3e678dccb..7d2d8963f 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux sed -i 's/^\s*Ciphers\s/# &/i' /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh -index ca08e633a..f90fa48d6 100644 +index 319a68f7b..f06f8b1c9 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux sed -i 's/^\s*MACs\s.*//i' /etc/ssh/sshd_config echo "MACs hmac-sha2-512" >> /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh -index 5a98fc0eb..846cdd444 100644 +index a98027622..8568add5b 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml @@ -5472,81 +5487,81 @@ index 6fb515baf..62d97825a 100644 stigid@ubuntu2004: UBTU-20-010049 stigid@ubuntu2204: UBTU-22-255045 diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml -index 202fc7f44..711cc57c6 100644 +index c6e8836fa..0e593b114 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh -index 68a6a1291..740c94e10 100644 +index 2c4b0b393..f5bf4cfbf 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}} diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml -index 891b3e2f9..6cb0bce26 100644 +index f8f3cd3e5..6e5194e65 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh -index 5c83263bc..91e28ba16 100644 +index babf427ff..ed550ea0a 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh @@ -1,3 +1,3 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}} diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml -index b38bc41fe..33c5c9034 100644 +index 0a1efcabc..87184d846 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux # reboot = false # strategy = unknown # complexity = low diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh -index 564e32815..02bed6db8 100644 +index b93c3447e..39a3fd3e1 100644 --- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol -+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol +-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux ++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux {{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}} diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml -index 02cfde93e..1b9644302 100644 +index 1b9644302..e99b277ac 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml @@ -1,4 +1,4 @@ --# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel -+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux +-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux ++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh -index a7e449e52..84da3094e 100644 +index 702a592e1..9a4ce156a 100644 --- a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora -+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora +-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_almalinux ++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_almalinux # reboot = false # strategy = configure # complexity = low @@ -5577,76 +5592,41 @@ index 0c4a9a86a..1c957d991 100644 warnings: - general: |- diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh -index 09e863e4a..ba1f546e9 100644 +index 69c4c85f0..7ad5c8fcb 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh @@ -1,4 +1,4 @@ --# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol -+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol +-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux ++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux -diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -index 00f88e11d..328633728 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml -@@ -47,7 +47,7 @@ - replace: 'pam_cert_auth = True' - with_items: "{{ sssd_conf_d_files.files }}" - --{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} - - name: '{{{ rule_title }}} - Check if system relies on authselect' - ansible.builtin.stat: - path: /usr/bin/authselect -diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -index b896f4f7d..af7771778 100644 ---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh -@@ -13,7 +13,7 @@ umask u=rw,go= - - umask $OLD_UMASK - --{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} - if [ -f /usr/bin/authselect ]; then - {{{ bash_enable_authselect_feature('with-smartcard') | indent(4) }}} - else diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml -index 1cadee2e4..1c1a2507f 100644 +index b8ebf0eb5..b6ce47ea9 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml -@@ -5,7 +5,7 @@ - - -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} +@@ -9,7 +9,7 @@ + {{% endif %}} +- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} ++ {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} (?i)true + test_ref="test_sssd_enable_smartcards_cert_auth_system_auth"/> + {{% endif %}} +@@ -50,7 +50,7 @@ + ^.*allow_missing_name.*$ - -- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} + {{% endif %}} +- {{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}} ++ {{% if product in ["ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} + comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/system-auth" + id="test_sssd_enable_smartcards_cert_auth_system_auth" version="2"> diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -index e729a6822..9563926af 100644 +index 4054fdd24..b1cc5b4bf 100644 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml -@@ -10,7 +10,7 @@ description: |- - 
[pam]
-     pam_cert_auth = True
-
-- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}} -+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}} - Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include - "try_cert_auth" or "require_cert_auth" option, like in the following example: - 
 @@ -48,7 +48,7 @@ references:
      pcidss: Req-8.3
      srg: SRG-OS-000375-GPOS-00160,SRG-OS-000105-GPOS-00052,SRG-OS-000106-GPOS-00053,SRG-OS-000107-GPOS-00054,SRG-OS-000108-GPOS-00055
@@ -5656,129 +5636,111 @@ index e729a6822..9563926af 100644
  
  ocil_clause: 'smart cards are not enabled in SSSD'
  
-@@ -58,7 +58,7 @@ ocil: |-
-     If configured properly, output should be
-     
pam_cert_auth = True

- 
--    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
-+    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
-     To verify that smart cards are enabled in PAM files, run the following command:
-     
$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth

-     If configured properly, output should be
-@@ -73,7 +73,7 @@ fixtext: |-
- 
-     pam_cert_auth = True
- 
--    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
-+    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9"] %}}
-     Enable the with-smartcard feature using the authselect command:
-     sudo authselect enable-feature with-smartcard
-     sudo authselect apply-changes -b
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
-index bcaae2a60..53947d224 100644
+index 20d721658..2a4422daf 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # remediation = none
  
  SSSD_FILE="/etc/sssd/sssd.conf"
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
-index 5f4aaa725..be9cee3f3 100644
+index ba800bcea..10d4d2975 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
-index 860e0bb6c..b1763e438 100644
+index afd575dd8..a76a1a423 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
-index 7e2019cff..ca200076f 100644
+index 05ecf8a8a..654864a62 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/conf.d/unused.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
-index 78b79752a..2f436c9e9 100644
+index 9758d9bda..998600da6 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
-index aaf33d7b0..a20a8c190 100644
+index eb58f3dcf..4e4cc0fa0 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
-index b1ed28f39..576cf7649 100644
+index 262abd276..c6f2babd7 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/conf.d/unused.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
-index 85bb1de67..a1ef34292 100644
+index d3fc7375f..2c189f569 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  echo "[pam]" > $SSSD_FILE
 diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
-index 43e19d382..2848e2072 100644
+index 456f06484..e6fb4c857 100644
 --- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
 +++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  SSSD_FILE="/etc/sssd/sssd.conf"
  rm -f $SSSD_FILE
@@ -5796,22 +5758,22 @@ index ceeecb8cb..09ff7a09b 100644
  warnings:
      - general: |-
 diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
-index 0817b532e..f27acd4e2 100644
+index 7330df5a6..f13b1ce81 100644
 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
-index 6a8a81817..2f380920e 100644
+index 0399c1e6b..77ef40bd4 100644
 --- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}}
  
@@ -5882,43 +5844,43 @@ index 7bf7526b9..002925ac9 100644
  
  echo -e "[pam]\noffline_credentials_expiration = 2" >> $SSSD_CONF
 diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
-index 3da9609d7..06586bd8a 100644
+index 4c619f87c..47e3ddb70 100644
 --- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
  
  MAIN_CONF="/etc/sssd/conf.d/ospp.conf"
  
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
-index b92e1d3a6..747a90b31 100644
+index f28c66802..237ffd0a9 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
 +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
-index f066ef1bd..01254fa6f 100644
+index 01254fa6f..f2b27318d 100644
 --- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
 +++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}}
  
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
-index 331627492..72a361b30 100644
+index b55eb3bc1..30d11e085 100644
 --- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
 @@ -1,3 +1,3 @@
  ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
  {{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
 diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
 index c1e549877..611b62e64 100644
@@ -5934,22 +5896,22 @@ index c1e549877..611b62e64 100644
  platform: package[usbguard]
  
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
-index 9f18591b3..b49d5217a 100644
+index df1cb8eb9..52ee325ce 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-index 2e8ab4691..d1078274f 100644
+index 0ee956052..552fb175e 100644
 --- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
 +++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
-@@ -49,7 +49,7 @@ references:
-     nist: CM-8(3),IA-3
+@@ -50,7 +50,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000378-GPOS-00163,SRG-APP-000141-CTR-000315
      stigid@ol8: OL08-00-040139
 -    stigid@rhel8: RHEL-08-040139
@@ -5958,13 +5920,13 @@ index 2e8ab4691..d1078274f 100644
  ocil_clause: 'the package is not installed'
  
 diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
-index e9c55dfb0..9be805c13 100644
+index 82933957f..d3e59b57f 100644
 --- a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
  apiVersion: machineconfiguration.openshift.io/v1
  kind: MachineConfig
  metadata:
@@ -5982,33 +5944,33 @@ index e8112110a..b42279c97 100644
  ocil_clause: 'the service is not enabled'
  
 diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
-index 5ef460be8..8a12559f6 100644
+index 9b4ae451a..ec1e4650e 100644
 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
 @@ -1,5 +1,5 @@
  ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos,multi_platform_almalinux
  {{% macro usbguard_hid_and_hub_config_source() %}}
  allow with-interface match-all { 03:*:* 09:00:* }
  {{%- endmacro -%}}
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
-index cca593262..5ac5c0678 100644
+index 5ac5c0678..1ebe2be5a 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
-index 88d55f160..f2f336700 100644
+index f2f336700..aaebdedad 100644
 --- a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
 +++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
@@ -6026,20 +5988,20 @@ index c5d5738db..f1010c040 100644
  ocil_clause: 'there is no evidence that unauthorized peripherals are being blocked before establishing a connection'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
-index 6980dd0e2..20c40703e 100644
+index 2a8bebbe1..c8166efa3 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol
+-# platform = Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,multi_platform_ol,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-index fc227651b..e3c893048 100644
+index 5d3f071b2..52c14053a 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040730
      stigid@ol8: OL08-00-040320
@@ -6049,10 +6011,10 @@ index fc227651b..e3c893048 100644
  ocil_clause: 'xorg related packages are not removed and run level is not correctly configured'
  
 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-index bb4f6cd93..1251a07c6 100644
+index cdf17da62..5725f1cc9 100644
 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
 +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist-csf: PR.AC-3,PR.PT-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040321
@@ -6133,10 +6095,10 @@ index c2feb1fbc..116c6cde5 100644
  kind: MachineConfig
  metadata:
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-index f26873ada..f9eab4878 100644
+index 88aa853a5..faf29e85a 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
-@@ -120,7 +120,7 @@ references:
+@@ -121,7 +121,7 @@ references:
      srg: SRG-OS-000023-GPOS-00006,SRG-OS-000228-GPOS-00088
      stigid@ol7: OL07-00-010050
      stigid@ol8: OL08-00-010060
@@ -6146,22 +6108,22 @@ index f26873ada..f9eab4878 100644
      stigid@sle15: SLES-15-010020
  
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
-index 5735d2035..0ca7771ef 100644
+index 2a975b00b..09ecda363 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = unknown
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
-index 4d77e8336..4ed727fc5 100644
+index 632aa10fd..b2ce651cd 100644
 --- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("motd_banner_text") }}}
  
@@ -6269,22 +6231,22 @@ index b789b906e..18feffa3d 100644
      stigid@sle15: SLES-15-020104
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
-index ad3b44290..562d3b354 100644
+index 71230856a..29c53f357 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
-index 891d516d5..ff2f7b63b 100644
+index 2c790b820..dfbf3aed3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+-# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux
  
  {{%- if "sle" in product or "slmicro" in product or "ubuntu" in product %}}
  {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
@@ -6338,22 +6300,22 @@ index 325d5860a..09df07cce 100644
  if authselect list-features sssd | grep -q with-silent-lastlog; then
      authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
-index 003dc0beb..fd02163bd 100644
+index 553f5c48e..d125b48b5 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
-index 28062890d..b04531a5b 100644
+index b1a534e45..eeb8869e3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/enable_pam_namespace/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_almalinux
  if ! grep -Eq '^\s*session\s+required\s+pam_namespace.so\s*$' '/etc/pam.d/login' ; then
      echo "session    required     pam_namespace.so" >> "/etc/pam.d/login"
  fi
@@ -6371,26 +6333,26 @@ index 533db0328..ef8174729 100644
  ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/password-auth" file with the "preauth" line listed before pam_unix.so'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
-index 98fab1858..1dc7417b6 100644
+index 4abed18e2..609a92b7e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
-index ce36c2d22..ac0d46b24 100644
+index 077479b8a..7be653143 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
@@ -6408,26 +6370,26 @@ index 5be40f349..0d7ca9097 100644
  ocil_clause: 'the pam_faillock.so module is not present in the "/etc/pam.d/system-auth" file with the "preauth" line listed before pam_unix.so'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
-index 98fab1858..1dc7417b6 100644
+index 4abed18e2..609a92b7e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
-index ce36c2d22..ac0d46b24 100644
+index 077479b8a..7be653143 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  authselect create-profile test_profile -b sssd
  authselect select "custom/test_profile" --force
@@ -6445,22 +6407,22 @@ index e46b40d68..77a2a4d91 100644
  platform: system_with_kernel
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
-index e9ecd879f..74e4c0b09 100644
+index 009ab4c47..82a6ca2ad 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
-index 63d03f08d..e0eae4498 100644
+index e367d9950..b3d959223 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
@@ -6489,39 +6451,49 @@ index e1eb0a970..79ba23b4a 100644
  
  source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+index 98037b3e3..1b612754f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+index f56bdbce2..56ecfb5ff 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
-index 95c3a04db..37caefc2f 100644
+index caf296a50..81b18c656 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
-index 365006509..2a10d041b 100644
+index 9999fa6db..097a4a9fd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-index fb7bc6dd7..a35c2c411 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
-@@ -54,7 +54,7 @@ references:
-     nist@sle15: IA-5(1)(e),IA-5(1).1(v)
-     pcidss: Req-8.2.5
-     srg: SRG-OS-000077-GPOS-00045
--    stigid@rhel8: RHEL-08-020220
-+    stigid@almalinux8: RHEL-08-020220
- 
- ocil_clause: |-
-     the pam_pwhistory.so module is not used, the "remember" module option is not set in
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
 index bef6bbcea..8263dd4a0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
@@ -6631,38 +6603,25 @@ index debcc53ca..a86b0a1d1 100644
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
-index e4be20de0..a9d7e2ec1 100644
+index 726d2382f..ce6d7a973 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
-index a55f86dc3..5506f8c40 100644
+index abd5f6a2f..93aec4d08 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-index 8ad3e9c5d..36690b5fa 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
-@@ -54,7 +54,7 @@ references:
-     nist@sle15: IA-5(1)(e),IA-5(1).1(v)
-     pcidss: Req-8.2.5
-     srg: SRG-OS-000077-GPOS-00045
--    stigid@rhel8: RHEL-08-020221
-+    stigid@almalinux8: RHEL-08-020221
- 
- ocil_clause: |-
-     the pam_pwhistory.so module is not used, the "remember" module option is not set in
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
 index fe238b41b..84c181749 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
@@ -6892,22 +6851,22 @@ index 253d50de1..6665b7b06 100644
  
  remember_cnt=3
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
-index 1eab1f8c4..f29521f1b 100644
+index 33884b3f8..e27f401f1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
-index 021a400c0..09b9d3918 100644
+index d62aea05b..11c613bdd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
@@ -6925,54 +6884,54 @@ index a25e3c01a..0beff3a62 100644
      stigid@ubuntu2204: UBTU-22-411045
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index d805aa018..d188e828a 100644
+index 2ba38d0ad..bdd471cdc 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-index e1eb0a970..79ba23b4a 100644
+index bcfa1a721..2cb77dd13 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
-index c35696fee..f9615fcef 100644
+index 5c778c98f..28c06543e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_pam_files.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
-index 5bbbc464e..15a644bba 100644
+index ee74e12f6..435bd0f28 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/missing_parameter.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
-index f18c0a14f..6861469b3 100644
+index 52107ee48..9e8005709 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
 @@ -49,7 +49,7 @@ references:
@@ -6984,128 +6943,23 @@ index f18c0a14f..6861469b3 100644
      stigid@ubuntu2004: UBTU-20-010072
      stigid@ubuntu2204: UBTU-22-411045
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-index b3232cc93..ec32d65f7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-index 24f5731f6..c118c9be0 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-index aa3ca061d..6d383b228 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-index 67c1b593b..74bb77abe 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-index e770e300f..ceffa12a0 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index fd57152b8..0ee33185e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index efb57601c..4127e7265 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-index e3ec96da0..56c6b75f3 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index 595b85192..392d025a0 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
- 
- authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
-index 2a6868f38..70448df97 100644
+index e35234bbd..09177f44d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
-index 09d8aeee0..72b3aeacb 100644
+index c57f1309f..e33edd7b3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  
  {{{ bash_pam_faillock_enable() }}}
  {{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
@@ -7134,14 +6988,14 @@ index b3232cc93..ec32d65f7 100644
  
  SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
-index d39d1ae31..431ef19ad 100644
+index 7a6fcb555..8dbcb0b0e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
  pam_files=("password-auth" "system-auth")
  
@@ -7218,6 +7072,42 @@ index 6bb763cf5..9562ea10f 100644
  
  source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
+index 2894185b0..a6c6962ee 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_pam_files.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
+index 3953a7567..5562f07c1 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_authfail.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
+index 303cf124f..23e99033b 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/missing_dir_in_preauth.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
 index 2f08a7d47..19ae579cf 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
@@ -7230,6 +7120,18 @@ index 2f08a7d47..19ae579cf 100644
  
  source common.sh
  
+diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
+index 45724e5e1..2b418159f 100644
+--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_pam_files.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect,pam
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+ 
+ source common.sh
+ 
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
 index fd8e44443..9240e6cf3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
@@ -7311,111 +7213,6 @@ index bea8688ac..c51ab4edf 100644
      stigid@ubuntu2004: UBTU-20-010072
      stigid@ubuntu2204: UBTU-22-411045
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-index b3232cc93..ec32d65f7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-index 9a553893c..239179515 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-index 0b67e0e02..f4ab6a731 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-index 9d4320fbb..4cf206854 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 82bf9fa75..5ab933ad8 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 74236e2fb..6341829be 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index ef2461160..c47470ab4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-index 30e044729..bb60fb3ed 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index c71a12afe..6dd3f50d6 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_fail_interval=900
- 
- authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
 index 71ca92bfa..4e6b05a6f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
@@ -7442,26 +7239,26 @@ index fdd0c4c06..ec8195db8 100644
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
-index ebabc6518..b02f953cc 100644
+index d06be4f3d..891ca5f84 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_pam_files.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
-index a10547339..c01c35a48 100644
+index 4c0d2b11b..995adcc17 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
  # packages = authselect
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
@@ -7501,111 +7298,6 @@ index e52bd8b76..517b16e01 100644
      stigid@ubuntu2004: UBTU-20-010072
      stigid@ubuntu2204: UBTU-22-411045
  
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-index b3232cc93..ec32d65f7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-index d547b0e35..925fc0dbe 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-index 057348eb4..0b2000ba3 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-index bfcc7d4a4..da0f4a90e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 1840cae45..953ba3353 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index 838ab7c53..4f717ef5a 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index b7b1532bb..5b8279841 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-index eff1bd32c..f6307511b 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
- # packages = authselect
- # remediation = none
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index a57645eb1..a7e7b8e9c 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_unlock_time=600
- 
- authselect select sssd --force
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
 index 567144b30..b7a49ab06 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
@@ -7672,7 +7364,7 @@ index b8eed2243..e246512fb 100644
  ocil_clause: the value of "maxclassrepeat" is set to "0", more than "{{{ xccdf_value("var_password_pam_maxclassrepeat") }}}" or is commented out
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
-index 2e3c33f22..7742a233c 100644
+index 157b451d6..6a035cef9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
 @@ -40,7 +40,7 @@ references:
@@ -7724,22 +7416,22 @@ index 84ee603a8..813faf411 100644
      stigid@ubuntu2204: UBTU-22-611025
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
-index 06f7962fd..dc6eea20d 100644
+index 1cb63986e..2062a1888 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
-index a55859203..377efc82e 100644
+index 55cf2d852..6dc6bc7c3 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
@@ -7816,22 +7508,22 @@ index 61c28f2d6..30166c800 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
-index 90484d66f..81664de52 100644
+index 0dbcd7d26..4eb58f0e5 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
-index 4ea10f4c4..6c1de4e4c 100644
+index b578d2c97..260c0cc1e 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
 @@ -1,3 +1,3 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux
  
  {{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
@@ -7908,17 +7600,17 @@ index 60ebfdeba..2b9d40cf6 100644
  authselect create-profile hardening -b sssd
  CUSTOM_PROFILE="custom/hardening"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
-index 25a0da980..bf2a98da4 100644
+index cebb805de..2125c8fb8 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
-index 6e25f2948..716c7d6cf 100644
+index 1fe3c52f0..302cff28b 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
 @@ -47,7 +47,7 @@ references:
@@ -7931,73 +7623,73 @@ index 6e25f2948..716c7d6cf 100644
      stigid@ubuntu2204: UBTU-22-611045
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
-index 03723cd8c..1df4f1d61 100644
+index 51c3f13f3..07ef7d548 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-index 19cac93f4..4a5b1142b 100644
+index c61f9b6d5..e7cccaed5 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-index ae605f717..db875782d 100644
+index 601d32759..bc4453182 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
-index ce7f4b7a3..0aeb8535b 100644
+index e4f1de0cc..18be59047 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
-index 962112d6a..f0db47d5e 100644
+index d70521e76..d24de47b6 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-index ea2eb57fe..033bbbceb 100644
+index dc7fe32d1..3313d5dea 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # variables = var_password_pam_retry=3
  
  source common.sh
@@ -8015,40 +7707,40 @@ index fa55c67d0..aa1626c3c 100644
      stigid@ubuntu2204: UBTU-22-611010
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
-index 662c3641e..4baf0adaa 100644
+index 3036516b4..be3981885 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
-index f6b461789..fb6d88e37 100644
+index a598fb736..2b81cee2f 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
  LIBUSER_CONF="/etc/libuser.conf"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
-index e0b6d68db..5ec6c69bb 100644
+index b43d21921..578df865d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-index fc5064a28..3f367461f 100644
+index 8b667cc7a..f97c98f35 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000073-GPOS-00041
      stigid@ol7: OL07-00-010210
      stigid@ol8: OL08-00-010110
@@ -8058,27 +7750,27 @@ index fc5064a28..3f367461f 100644
      stigid@sle15: SLES-15-010260
      stigid@ubuntu2004: UBTU-20-010404
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
-index 9fffb6188..bd6f532b7 100644
+index f889ed34a..d51fa6c9d 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
-index 3b4602f2c..89cf6b6c5 100644
+index 666a7c644..683756222 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_password_hashing_algorithm_pam") }}}
  PAM_FILE_PATH="/etc/pam.d/password-auth"
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
-index 13da3921f..a3f780057 100644
+index d03a7af44..6c7b680dd 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
 @@ -50,7 +50,7 @@ references:
@@ -8091,79 +7783,79 @@ index 13da3921f..a3f780057 100644
  ocil_clause: 'it does not'
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
-index abcdf02f5..213909b8d 100644
+index ee1213c2d..c2aca7ae1 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
-index 1572f0d9b..88bc3e44d 100644
+index 8d6be38f4..ce2bcce19 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
-index 463b78e55..58d5e3524 100644
+index 13f217f02..efb422075 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
-index a36ff143d..c41476b3d 100644
+index 5632949e2..fbfe8a0a4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
-index b874f33d6..d0c5d75a5 100644
+index 7f6ff9a97..581c81c47 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
-index 98aff168e..ce8da6ac3 100644
+index 10a02eb86..77029c277 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
-index eb1843292..a7c95046e 100644
+index dbc370188..bf39a6136 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
 @@ -65,7 +65,7 @@ references:
@@ -8176,79 +7868,79 @@ index eb1843292..a7c95046e 100644
      stigid@sle15: SLES-15-020170
      stigid@ubuntu2204: UBTU-22-611055
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
-index a665b3b10..dc11875da 100644
+index 264df72f1..725cd27ab 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
-index c498e86dd..912618a8d 100644
+index c5e65c44e..8d606b5ea 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
-index 3653f7912..e6dd9f4c0 100644
+index c61e9828d..652f95adb 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
-index 11ed319f1..26222d810 100644
+index 6499ed205..c94da4ca0 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
-index e41950217..429ee6246 100644
+index 6b5b5767a..01fafdbb9 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
-index d0413404b..3ec30f45b 100644
+index a1a9ec1ec..c273c78f4 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
  # variables = var_password_hashing_algorithm_pam=sha512
  
  authselect create-profile hardening -b sssd
 diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
-index 556bee4c1..8a5f82244 100644
+index 28426471d..39b28a4db 100644
 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
 @@ -36,7 +36,7 @@ references:
@@ -8272,7 +7964,7 @@ index 3045574e5..7ce6bb466 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
-index 7e9a58560..6cdeb9586 100644
+index 33db7fb17..de7bf122c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
 @@ -71,7 +71,7 @@ references:
@@ -8343,10 +8035,10 @@ index 6dc5eae7e..fbf4edf7b 100644
  ocil_clause: "the option is not configured"
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-index 1517b25f8..096e09800 100644
+index f3473796d..2f77035b4 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010152
@@ -8355,21 +8047,21 @@ index 1517b25f8..096e09800 100644
  
  ocil_clause: 'the output is different'
  
-@@ -50,7 +50,7 @@ ocil: |-
+@@ -52,7 +52,7 @@ ocil: |-
      To check if authentication is required for emergency mode, run the following command:
      
$ grep sulogin /usr/lib/systemd/system/emergency.service

      The output should be similar to the following, and the line must begin with
--    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
+-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
          ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
          
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency

      {{%- else -%}}
-@@ -78,7 +78,7 @@ fixtext: |-
+@@ -80,7 +80,7 @@ fixtext: |-
      Configure {{{ full_name }}} to require authentication for system emergency mode.
  
      Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
--    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}}
-+    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15"] -%}}
+-    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
++    {{% if product in ["fedora", "ol8", "ol9", "kylinserver10", "openeuler2203", "rhel8", "almalinux8", "rhel9", "sle12", "sle15", "slmicro5"] -%}}
      ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
      {{%- else -%}}
      ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
@@ -8385,13 +8077,13 @@ index bce932b72..e446c7836 100644
  service_file="/usr/lib/systemd/system/emergency.service"
  sulogin="/usr/lib/systemd/systemd-sulogin-shell"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
-index 73d2f3ad0..d5c7db6ab 100644
+index 19345cfcf..374e76ec6 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
  rm -f /etc/systemd/system/emergency.service
  mkdir -p /etc/systemd/system/emergency.service.d/
  cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf
@@ -8407,21 +8099,21 @@ index d9fdc678f..a4f6ea6a9 100644
  service_file="/usr/lib/systemd/system/emergency.service"
  sulogin="/bin/bash"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
-index 4545cf49f..520cd2af5 100644
+index da0d857f6..a7d75247c 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
  rm -f /etc/systemd/system/emergency.service
  mkdir -p /etc/systemd/system/emergency.service.d/
  cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-index 90c48074e..8a677d311 100644
+index bc0beb98a..808242a86 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010481
      stigid@ol8: OL08-00-010151
@@ -8431,7 +8123,7 @@ index 90c48074e..8a677d311 100644
  ocil_clause: 'the output is different'
  
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
-index 3cf97a457..7f9b4043f 100644
+index 07b8e331a..850cd60d9 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
 @@ -1,5 +1,5 @@
@@ -8441,17 +8133,28 @@ index 3cf97a457..7f9b4043f 100644
  rm -rf /etc/systemd/system/rescue.service.d
  mkdir -p /etc/systemd/system/rescue.service.d
  cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf
+diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
+index f735f3270..027fbbe3d 100644
+--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
++++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
+ 
+ service_file="/usr/lib/systemd/system/rescue.service"
+ sulogin="/usr/lib/systemd/systemd-sulogin-shell"
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
-index 0bb3ce9ff..d9865e063 100644
+index 4557b0512..043753f03 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
 +++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
 -# platform = multi_platform_fedora,multi_platform_rhel
 +# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
+ 
  rm -rf /etc/systemd/system/rescue.service.d
  mkdir -p /etc/systemd/system/rescue.service.d
- cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf
 diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
 index 63b9b08b5..15abe6cec 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
@@ -8622,7 +8325,7 @@ index 1a9d35f69..9a5753d98 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
-index 7f094490a..01acc6117 100644
+index 0e85d913e..73feb8d95 100644
 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
 @@ -55,7 +55,7 @@ references:
@@ -8734,10 +8437,10 @@ index 77aa71dd9..b3bfff528 100644
  {{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-index 3cbd74e9b..d37ae427e 100644
+index 5b61d3b83..dea58e7bd 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000118-GPOS-00060
      stigid@ol7: OL07-00-010310
      stigid@ol8: OL08-00-020260
@@ -8760,10 +8463,10 @@ index 96ae3e33c..6b1558013 100644
      stigid@sle15: SLES-15-020061
      stigid@ubuntu2004: UBTU-20-010000
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-index e22349631..65f1921fc 100644
+index cc677e619..d97703614 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
-@@ -27,7 +27,7 @@ references:
+@@ -28,7 +28,7 @@ references:
      pcidss: Req-8.1.1
      srg: SRG-OS-000104-GPOS-00051,SRG-OS-000121-GPOS-00062
      stigid@ol8: OL08-00-020240
@@ -8807,10 +8510,10 @@ index c4c2f7ba0..e03ccee7a 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-index 4fd6b372e..04ec89cdc 100644
+index cd2f88ecd..66ffb0802 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
-@@ -52,7 +52,7 @@ references:
+@@ -53,7 +53,7 @@ references:
      srg: SRG-OS-000076-GPOS-00044
      stigid@ol7: OL07-00-010250
      stigid@ol8: OL08-00-020200
@@ -8830,10 +8533,10 @@ index 6e22e90d7..bfd7508ad 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-index 84fd51d36..b441ebabd 100644
+index 3ae34ae92..0305558ac 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000075-GPOS-00043
      stigid@ol7: OL07-00-010230
      stigid@ol8: OL08-00-020190
@@ -8959,10 +8662,10 @@ index 7d6bc11f9..0a8561b81 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-index 70b804ce8..85fc554e8 100644
+index 19d5c5245..99c9a6284 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000076-GPOS-00044
      stigid@ol7: OL07-00-010260
      stigid@ol8: OL08-00-020210
@@ -8992,10 +8695,10 @@ index 7bdb759f6..dd157f1e3 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-index 43567e343..53e3edb44 100644
+index 9214435a8..53db14105 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
-@@ -36,7 +36,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000075-GPOS-00043
      stigid@ol7: OL07-00-010240
      stigid@ol8: OL08-00-020180
@@ -9005,20 +8708,20 @@ index 43567e343..53e3edb44 100644
      stigid@sle15: SLES-15-020210
  
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
-index 4994ff315..e8469b8e9 100644
+index 8df20d253..ad8320347 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-index b3ce8eb55..351a32e8a 100644
+index 984b43911..d7330ce74 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist: IA-5(1)(c),IA-5(1).1(v),IA-7,IA-7.1
      srg:  SRG-OS-000073-GPOS-00041,SRG-OS-000120-GPOS-00061
      stigid@ol8: OL08-00-010120
@@ -9222,7 +8925,7 @@ index 117a42585..b41d01a89 100644
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
-index 889998309..05177f1a1 100644
+index 9c097499f..2c80371bc 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
 @@ -1,4 +1,4 @@
@@ -9243,7 +8946,7 @@ index ad3133b1f..eac1b843a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
-index a4f085ec0..96b1dc896 100644
+index d148d9a9f..9eb5f7177 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
 @@ -53,7 +53,7 @@ references:
@@ -9305,10 +9008,10 @@ index 55c7149f5..861c85d5f 100644
      stigid@sle15: SLES-15-020181
      stigid@ubuntu2004: UBTU-20-010462
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-index 3147b3e0d..bb5952a84 100644
+index bf1f82e2c..4367b1109 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020310
      stigid@ol8: OL08-00-040200
@@ -9317,23 +9020,34 @@ index 3147b3e0d..bb5952a84 100644
      stigid@sle12: SLES-12-010650
      stigid@sle15: SLES-15-020100
  
+diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
+index ba82e5ddb..ddbac0bcf 100644
+--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
++++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_uid_0.fail.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+-# platform = multi_platform_rhel,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
+ # Remediation doesn't fix the rule, only locks passwords
+ # of non-root accounts with uid 0.
+ # remediation = none
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
-index 888cc054f..2b7d571ad 100644
+index 987fb5d8b..8b5d81151 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
-index 7bbfd7675..3d438fe7a 100644
+index df4c8338b..481ceb571 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  
  {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
  
@@ -9359,12 +9073,12 @@ index 5f9c92aac..119219eb0 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
-index 10a747ef2..5a819abfc 100644
+index 429a8dcd1..8cafea67b 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_slmicro
  # reboot = false
  # strategy = restrict
  # complexity = low
@@ -9389,22 +9103,22 @@ index bd1ba1ccb..d139fdda4 100644
  # uncomment the option if commented
  sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
-index e236b1ec2..d84d7345f 100644
+index 9bbbb9585..766df9993 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
-index d16374ffd..1ae066fd9 100644
+index cb7530b38..c33fd385c 100644
 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
  
  PAM_CONF=/etc/pam.d/su
@@ -9422,22 +9136,22 @@ index 1c0e2ca28..54ebaf547 100644
      stigid@sle15: SLES-15-020110
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
-index 315b2efec..657d0c4e6 100644
+index bf22ad15d..108c8be38 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  # disruption = low
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
-index 305f8fea8..e9470bfa1 100644
+index 1732224ac..e60690cbb 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_accounts_fail_delay") }}}
  
@@ -9455,22 +9169,22 @@ index 0b8be731c..03bb75239 100644
  
  ocil_clause: 'the value of "FAIL_DELAY" is not set to "{{{ xccdf_value("var_accounts_fail_delay") }}}" or greater, or the line is commented out'
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
-index 88758d295..f0c54f4c3 100644
+index a1651a9f9..758541a6d 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
-index 3415b164a..97ac5e4d9 100644
+index b6d6bbc91..18e04b16c 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
-+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
+-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}}
  
@@ -9547,10 +9261,10 @@ index 4cc4bd31d..ab4719ded 100644
      stigid@sle15: SLES-15-040070
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-index a05675fbf..50f9b67d6 100644
+index aa2283271..eb22b9c2a 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020620
      stigid@ol8: OL08-00-010750
@@ -9573,10 +9287,10 @@ index 71cb3ec5d..da5ade2a6 100644
  ocil_clause: 'the group ownership is incorrect'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
-index 72dd0b8c0..e62e9203c 100644
+index e04ce08d0..cbc6752ad 100644
 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
-@@ -29,7 +29,7 @@ references:
+@@ -31,7 +31,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020680
      stigid@ol8: OL08-00-010731
@@ -9598,19 +9312,6 @@ index efd83d032..4043bc31e 100644
      stigid@sle12: SLES-12-010750
      stigid@sle15: SLES-15-040100
  
-diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
-index 0fc7f9aa2..a3b478785 100644
---- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
-@@ -28,7 +28,7 @@ references:
-     srg: SRG-OS-000480-GPOS-00227
-     stigid@ol7: OL07-00-020710
-     stigid@ol8: OL08-00-010770
--    stigid@rhel8: RHEL-08-010770
-+    stigid@almalinux8: RHEL-08-010770
-     stigid@sle12: SLES-12-010760
-     stigid@sle15: SLES-15-040110
- 
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
 index 40ab5475c..e1f07da16 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files_root/rule.yml
@@ -9625,10 +9326,10 @@ index 40ab5475c..e1f07da16 100644
  ocil_clause: 'they are not 0740 or more permissive'
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-index e3df0021c..fddf0065c 100644
+index ddc2943a9..8d71a23f6 100644
 --- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -33,7 +33,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020630
      stigid@ol8: OL08-00-010730
@@ -9638,20 +9339,20 @@ index e3df0021c..fddf0065c 100644
      stigid@sle15: SLES-15-040090
  
 diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
-index 5bfb963a1..77807dbfb 100644
+index 9db14e81f..8463c8ea1 100644
 --- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-index f94449e09..7d5abcfb3 100644
+index f0f585a72..990c857e9 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
@@ -9673,12 +9374,12 @@ index 5dac9eec3..e28301101 100644
  
  sed -i '/umask/d' /etc/bashrc
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
-index 0f681a6db..846b47fee 100644
+index ba4f1b2e4..ba21db378 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu,multi_platform_almalinux
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu,multi_platform_almalinux
  
  {{{ bash_instantiate_variables("var_accounts_user_umask") }}}
  
@@ -9708,10 +9409,10 @@ index 04f6247a8..bd02cb830 100644
  sed -i '/umask/d' /etc/csh.cshrc
  echo "umask 077" >> /etc/csh.cshrc
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-index ba0eed42e..893d1ca2d 100644
+index 223eb3926..77c8898c7 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_login_defs/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      srg: SRG-OS-000480-GPOS-00228
      stigid@ol7: OL07-00-020240
      stigid@ol8: OL08-00-020351
@@ -9721,10 +9422,10 @@ index ba0eed42e..893d1ca2d 100644
      stigid@sle15: SLES-15-040420
      stigid@ubuntu2004: UBTU-20-010016
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-index fab5e5e16..65fdfc61d 100644
+index 3a6b2ea70..c4d1fa151 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      nist-csf: PR.IP-2
      srg: SRG-OS-000480-GPOS-00228,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-020353
@@ -9734,27 +9435,27 @@ index fab5e5e16..65fdfc61d 100644
  ocil_clause: |-
      the value for the "umask" parameter is not "{{{ xccdf_value("var_accounts_user_umask") }}}",
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml
-index fb91eab05..02b78a6ab 100644
+index 79c8b6fc5..17995a8c2 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4
+-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh
-index ec59ac915..3e5470b1e 100644
+index e904396b8..f07b826fe 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4
+-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_rhv4,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_rhv4,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
-index 37ff12a68..c0a98aefb 100644
+index 29c5612cc..5d5c3f6fe 100644
 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
 +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -9767,75 +9468,75 @@ index 37ff12a68..c0a98aefb 100644
  ocil_clause: 'any local interactive user initialization files are found to have a umask statement that sets a value less restrictive than "077"'
  
 diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
-index ec75bf6d2..eb2aa2ea1 100644
+index eb2aa2ea1..9b3dcce81 100644
 --- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
 +++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # remediation = none
  
  mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac
 diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
-index a545d9791..383a6ee76 100644
+index 383a6ee76..58a4a047f 100644
 --- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
 +++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # remediation = none
  
  touch /etc/pam.d/{password,system}-auth-{mycustomconfig,ac}
 diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
-index 82fb5d543..2dbee752d 100644
+index 2dbee752d..49554fc77 100644
 --- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
 +++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # remediation = none
  
  mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac
 diff --git a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
-index 183e2f402..20d2619ef 100644
+index 7f399477a..58f0287f3 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
 +++ b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol
-+# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol
+-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
++# platform = Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux
  # reboot = false
  # strategy = configure
  # complexity = low
 diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
-index 31c46debf..9b4e3abe2 100644
+index 53528d634..0b535f692 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
 +++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
  # packages = authselect,pam
  # remediation = none
  
 diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
-index ac68df9e0..f589bfb44 100644
+index c2cd455e8..a9c54374c 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
 +++ b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_almalinux
  # packages = authselect,pam
  
- authselect select minimal --force
+ {{%- if ('rhel' in product or 'ol' in families or 'almalinux' in product) and product not in ['ol8', 'ol9', 'rhel8', 'rhel9', 'almalinux9']%}}
 diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
-index 3bd07c62e..e328ca74c 100644
+index 468c958cb..12141fa4c 100644
 --- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
 +++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
+-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
++# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_almalinux
  # packages = authselect,pam
  
  rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
@@ -9875,7 +9576,7 @@ index c4213caf8..c422634f2 100644
  # Break the argument in kernel command line in /boot/grub2/grubenv
  file="/boot/grub2/grubenv"
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
-index eeaf319fa..852899a14 100644
+index 43ac06be3..66e36e2fb 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
 @@ -27,7 +27,7 @@ references:
@@ -9888,7 +9589,7 @@ index eeaf319fa..852899a14 100644
  ocil_clause: 'Kernel page-table isolation is not enabled'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
-index 3e1e837c8..574a211f4 100644
+index 28da623cf..1ff7ac639 100644
 --- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
 @@ -26,7 +26,7 @@ references:
@@ -9901,7 +9602,7 @@ index 3e1e837c8..574a211f4 100644
  ocil_clause: 'vsyscalls are enabled'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
-index c476ddec3..5fc8e5710 100644
+index 9f8cc264b..a09401d2b 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
 @@ -46,7 +46,7 @@ references:
@@ -9927,10 +9628,10 @@ index f5b957e88..b678a4e70 100644
        {{% else %}}
        
 diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-index c58c5f226..efdc99949 100644
+index a2b97c4ee..b47703542 100644
 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
-@@ -64,7 +64,7 @@ references:
+@@ -65,7 +65,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010482
      stigid@ol8: OL08-00-010150
@@ -9940,7 +9641,7 @@ index c58c5f226..efdc99949 100644
      stigid@sle15: SLES-15-010190
      stigid@ubuntu2004: UBTU-20-010009
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
-index bd64b621f..8eb16f129 100644
+index 83be376b8..e2e004587 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
 @@ -47,7 +47,7 @@ references:
@@ -9953,10 +9654,10 @@ index bd64b621f..8eb16f129 100644
  ocil_clause: 'superuser account is not set or is set to an existing name or to a common name'
  
 diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
-index e4978316b..28c0c13fa 100644
+index 831aa6ec3..4ac763e2a 100644
 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
 +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
-@@ -66,7 +66,7 @@ references:
+@@ -67,7 +67,7 @@ references:
      srg: SRG-OS-000080-GPOS-00048
      stigid@ol7: OL07-00-010491
      stigid@ol8: OL08-00-010140
@@ -10245,72 +9946,19 @@ index c1f2165a1..d92008f40 100644
      stigid@ubuntu2004: UBTU-20-010403
      stigid@ubuntu2204: UBTU-22-652015
  
-diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
-index 7eafd360b..b46871be0 100644
---- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml
-+++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
-@@ -32,7 +32,7 @@ ocil: |-
-     Storing logs with compression can help avoid filling the system disk.
-     Run the following command to verify that journald is compressing logs.
-     
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
-     grep "^\sCompress" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sCompress" /etc/systemd/journald.conf
-@@ -43,7 +43,7 @@ ocil: |-
-     Compress=yes
-     

+diff --git a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
+index 6b1f74424..b514ff79d 100644
+--- a/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
++++ b/linux_os/guide/system/logging/journald/journald_disable_forward_to_syslog/rule.yml
+@@ -13,7 +13,7 @@ platform: package[systemd]
  
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
- template:
-     name: systemd_dropin_configuration
-     vars:
-diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
-index e0fab4b24..3f30b01d9 100644
---- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
-+++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
-@@ -31,7 +31,7 @@ ocil: |-
-     Storing logs remotely protects the integrity of the data from local attacks.
-     Run the following command to verify that journald is forwarding logs to a remote host.
-     
--{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}}
-     grep "^\sForwardToSyslog" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sForwardToSyslog" /etc/systemd/journald.conf
-@@ -42,7 +42,7 @@ ocil: |-
-     ForwardToSyslog=yes
-     

+ severity: medium
  
 -{{%- if product in ["rhel8", "rhel9", "sle15"] %}}
 +{{%- if product in ["rhel8", "almalinux8", "rhel9", "sle15"] %}}
  template:
      name: systemd_dropin_configuration
      vars:
-diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
-index d13ef07c9..7698a7856 100644
---- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml
-+++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
-@@ -31,7 +31,7 @@ ocil: |-
-     Storing logs with persistent storage ensures they are available after a reboot or system crash.
-     Run the command below to verify that logs are being persistently stored to disk.
-     
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
-     grep "^\sStorage" /etc/systemd/journald.conf {{{ journald_conf_dir_path }}}/*.conf
- {{% else %}}
-     grep "^\sStorage" /etc/systemd/journald.conf
-@@ -42,7 +42,7 @@ ocil: |-
-     Storage=persistent
-     

- 
--{{%- if product in ["fedora", "rhel8", "rhel9", "sle15"] %}}
-+{{%- if product in ["fedora", "rhel8", "almalinux8", "rhel9", "sle15"] %}}
- template:
-     name: systemd_dropin_configuration
-     vars:
 diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
 index 892523fc4..9fbba1ccb 100644
 --- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
@@ -10323,10 +9971,10 @@ index 892523fc4..9fbba1ccb 100644
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
-index ef3415b6a..6eebe43b9 100644
+index ef960d4ab..4d6eaa42e 100644
 --- a/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
 +++ b/linux_os/guide/system/logging/log_rotation/timer_logrotate_enabled/rule.yml
-@@ -51,7 +51,7 @@ template:
+@@ -53,7 +53,7 @@ template:
          timername: logrotate
          packagename: logrotate
  
@@ -10428,10 +10076,10 @@ index 5a6036bac..706df5c2d 100644
      stigid@ubuntu2204: UBTU-22-652010
  
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
-index c18b89c9e..88fda59ab 100644
+index c1bec3fa3..8d459b934 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
-@@ -25,7 +25,7 @@ references:
+@@ -27,7 +27,7 @@ references:
      nist: SC-5
      srg: SRG-OS-000420-GPOS-00186
      stigid@ol8: OL08-00-040150
@@ -10441,10 +10089,10 @@ index c18b89c9e..88fda59ab 100644
  ocil_clause: 'the "nftables" is not set as the "firewallbackend"'
  
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-index 13ab76040..8d2769fd4 100644
+index a6e40a13b..d2099cef4 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -37,7 +37,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000298-GPOS-00116,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00232
      stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040100
@@ -10454,10 +10102,10 @@ index 13ab76040..8d2769fd4 100644
  
  ocil_clause: 'the package is not installed'
 diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-index d52baffd9..22a7cf53e 100644
+index b8ee45417..ed5a13255 100644
 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000096-GPOS-00050,SRG-OS-000297-GPOS-00115,SRG-OS-000480-GPOS-00227,SRG-OS-000480-GPOS-00231,SRG-OS-000480-GPOS-00232
      stigid@ol7: OL07-00-040520
      stigid@ol8: OL08-00-040101
@@ -10503,10 +10151,10 @@ index 9c8e18823..b4fd81cf7 100644
  ocil_clause: 'no zones are active on the interfaces or if the target is set to a different option other than "DROP"'
  
 diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
-index 0ea52afd9..658214d09 100644
+index 6c2b02d72..ed3ecc734 100644
 --- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
 +++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      pcidss: Req-1.4
      srg: SRG-OS-000480-GPOS-00227
@@ -10516,7 +10164,7 @@ index 0ea52afd9..658214d09 100644
  ocil_clause: 'the default zone is not set to DROP'
  
 diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
-index 51b6c4fb6..679e35435 100644
+index 94cb0e893..d13183224 100644
 --- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
 +++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
 @@ -1,5 +1,5 @@
@@ -10537,6 +10185,36 @@ index b2a8e350c..e97d0f4a5 100644
  # check-import = stdout
  
  result=$XCCDF_RESULT_PASS
+diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
+index 784d5722b..26c869e22 100644
+--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
++++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ #!/bin/bash
+ 
+ mkdir -p "/etc"
+diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
+index 3b1d0fafd..1fa04dced 100644
+--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
++++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ #!/bin/bash
+ 
+ mkdir -p "/etc"
+diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
+index d6394d7b1..8ed3c31ff 100644
+--- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
++++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
+ #!/bin/bash
+ 
+ mkdir -p "/etc"
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
 index d787fbbbf..d209806d8 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
@@ -10559,10 +10237,10 @@ index 87306fedb..88e2884bc 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-index b361549d1..f8adf0f64 100644
+index 828c4a36e..79d9b9105 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040261
@@ -10583,10 +10261,10 @@ index 8792fc668..2c7c4b025 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-index 4e7c5be44..360e86714 100644
+index fbe90dd61..f121e9287 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
-@@ -34,7 +34,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040280
@@ -10607,10 +10285,10 @@ index e222b1c88..85b92ce90 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-index bab3ff393..e02540987 100644
+index 70f3f6e3e..1a1cf4ebd 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040830
      stigid@ol8: OL08-00-040240
@@ -10620,10 +10298,10 @@ index bab3ff393..e02540987 100644
      stigid@sle15: SLES-15-040310
  
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-index b9cde5e58..673f81ae8 100644
+index ad75ea331..0dbf6969a 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
-@@ -35,7 +35,7 @@ references:
+@@ -36,7 +36,7 @@ references:
      nist-csf: DE.CM-1,PR.DS-4,PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040260
@@ -10644,10 +10322,10 @@ index 4ed2c480c..f59b6d7c3 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-index a3164b1b1..f9627f3d4 100644
+index cd8d1b6d1..158c2f42e 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
-@@ -33,7 +33,7 @@ references:
+@@ -35,7 +35,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040262
@@ -10668,10 +10346,10 @@ index 845b013ed..063776b85 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-index a5b2f2c1a..d8f57c351 100644
+index eee34c1fb..fbaa2b4e7 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      nist@slmicro5: CM-6(b),CM-6.1(iv)
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040210
@@ -10692,10 +10370,10 @@ index e2951d845..0335df123 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-index c46cdcfea..8a0ae66c3 100644
+index 5769dbd05..da095360f 100644
 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      pcidss: Req-1.4.3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040250
@@ -10758,10 +10436,10 @@ index 6bb6de134..1f0664a02 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-index 6367ef8ea..70097d4ef 100644
+index df7f490e8..09f2ff035 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040641
      stigid@ol8: OL08-00-040279
@@ -10782,10 +10460,10 @@ index b3d72bb4a..b89b8a35a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-index 97ceccc1f..065d4b692 100644
+index c961e0c3b..0e49daf93 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040610
      stigid@ol8: OL08-00-040239
@@ -10830,10 +10508,10 @@ index c64da37a3..08535e5a1 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-index 9a76b723e..90dd2f842 100644
+index 40c6dceaa..079130101 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040611
      stigid@ol8: OL08-00-040285
@@ -10887,10 +10565,10 @@ index 2bfbd9e46..8ea37100a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-index 8f2b53aa8..15f51d661 100644
+index 510267791..85f40cc6b 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040640
      stigid@ol8: OL08-00-040209
@@ -10911,10 +10589,10 @@ index aa7d1562b..08668d03c 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-index bac36aac5..2da73e4ad 100644
+index f8c615f97..3d3426e6f 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040620
      stigid@ol8: OL08-00-040249
@@ -10968,10 +10646,10 @@ index 52d74441b..08c8c256d 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-index 7fa90e1eb..e4927a4fb 100644
+index 994d5b677..5cbc5bd7c 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040630
      stigid@ol8: OL08-00-040230
@@ -11014,10 +10692,10 @@ index ea1db12fe..5d8b19f68 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-index e0286fee8..279b309fd 100644
+index 5568a6bf3..46d4b3346 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040660
      stigid@ol8: OL08-00-040220
@@ -11038,10 +10716,10 @@ index b54e3d12b..125464d7a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-index 5d3bbd883..3fc2de52c 100644
+index 1d18537ff..cb247969e 100644
 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
 +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -43,7 +43,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-040650
      stigid@ol8: OL08-00-040270
@@ -11112,10 +10790,10 @@ index c4b6bb2e8..61804c3ed 100644
  {{{ complete_ocil_entry_module_disable(module="firewire-core") }}}
  
 diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-index ba4ca0616..d4ef1fc21 100644
+index 5894d44b8..aff09bca3 100644
 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      pcidss: Req-1.4.2
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040023
@@ -11138,11 +10816,11 @@ index 3d0417c01..bbae29491 100644
  {{{ complete_ocil_entry_module_disable(module="tipc") }}}
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-index e14d31803..e926995b2 100644
+index 69f5aac25..862928602 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
-@@ -36,7 +36,7 @@ references:
-     nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4
+@@ -37,7 +37,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118
      stigid@ol8: OL08-00-040111
 -    stigid@rhel8: RHEL-08-040111
@@ -11151,10 +10829,10 @@ index e14d31803..e926995b2 100644
  {{{ complete_ocil_entry_module_disable(module="bluetooth") }}}
  
 diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-index 830e35504..f4130dffb 100644
+index 256ab8558..1b614d432 100644
 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
 +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
-@@ -63,7 +63,7 @@ references:
+@@ -64,7 +64,7 @@ references:
      srg: SRG-OS-000299-GPOS-00117,SRG-OS-000300-GPOS-00118,SRG-OS-000424-GPOS-00188,SRG-OS-000481-GPOS-000481
      stigid@ol7: OL07-00-041010
      stigid@ol8: OL08-00-040110
@@ -11260,10 +10938,10 @@ index e488cceeb..f36b06f69 100644
  | xargs -I '$6' find '$6' -xdev -type d \
  \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-index 69d08bf04..9b1ef1291 100644
+index 9859dc367..f8fc1b274 100644
 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
 +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      nist-csf: PR.AC-4,PR.DS-5
      srg: SRG-OS-000138-GPOS-00069
      stigid@ol8: OL08-00-010190
@@ -11285,37 +10963,11 @@ index 7a11abcd6..78cee0a4f 100644
      stigid@sle12: SLES-12-010830
      stigid@sle15: SLES-15-040180
  
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
-index 50f9e7742..e60a7155e 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
-+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
-@@ -28,7 +28,7 @@ references:
-     nist: AU-12(b)
-     srg: SRG-OS-000063-GPOS-00032
-     stigid@ol8: OL08-00-030610
--    stigid@rhel8: RHEL-08-030610
-+    stigid@almalinux8: RHEL-08-030610
-     stigid@ubuntu2004: UBTU-20-010133
-     stigid@ubuntu2204: UBTU-22-653065
- 
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
-index 4a6b9ceeb..b3eff4127 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
-+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
-@@ -28,7 +28,7 @@ references:
-     nist: AU-12(b)
-     srg: SRG-OS-000063-GPOS-00032
-     stigid@ol8: OL08-00-030610
--    stigid@rhel8: RHEL-08-030610
-+    stigid@almalinux8: RHEL-08-030610
-     stigid@ubuntu2004: UBTU-20-010133
-     stigid@ubuntu2204: UBTU-22-653065
- 
 diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-index 814e0ceb5..2b3500de4 100644
+index ab43399f3..47441d49e 100644
 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
 +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
-@@ -48,7 +48,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020330
      stigid@ol8: OL08-00-010790
@@ -11325,10 +10977,10 @@ index 814e0ceb5..2b3500de4 100644
      stigid@sle15: SLES-15-040410
  
 diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-index 14e9efe3e..848445786 100644
+index 3dd27b8e2..23c09f7fe 100644
 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
 +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
-@@ -47,7 +47,7 @@ references:
+@@ -48,7 +48,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020320
      stigid@ol8: OL08-00-010780
@@ -11403,7 +11055,7 @@ index 54ff93140..217aa64e9 100644
      stigid@ubuntu2204: UBTU-22-232025
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
-index cc2286f54..4a77ab174 100644
+index a764107f5..550e23636 100644
 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
 +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_permissions_var_log_messages/rule.yml
 @@ -20,7 +20,7 @@ references:
@@ -11413,7 +11065,7 @@ index cc2286f54..4a77ab174 100644
 -    stigid@rhel8: RHEL-08-010210
 +    stigid@almalinux8: RHEL-08-010210
  
- ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-r-----") }}}'
+ ocil_clause: '{{{ ocil_clause_file_permissions(file="/var/log/messages", perms="-rw-------") }}}'
  
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
 index b06834e4f..fe1277bff 100644
@@ -11525,12 +11177,12 @@ index 8e9fc7b8b..7ce862d34 100644
  # strategy = restrict
  # complexity = medium
 diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
-index 8ecb16700..bad3166e1 100644
+index 126824999..853c50bb1 100644
 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
  
  for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
  do
@@ -11761,10 +11413,10 @@ index a3c4423d3..3570174cd 100644
  {{{ complete_ocil_entry_sysctl_option_value(sysctl="fs.protected_symlinks", value="1") }}}
  
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-index 4bf7fd182..d1b0cd08e 100644
+index 6665bc106..64fcfd1c6 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -47,7 +47,7 @@ references:
      nist-csf: PR.IP-1,PR.PT-3
      srg: SRG-OS-000095-GPOS-00049
      stigid@ol8: OL08-00-040025
@@ -11774,10 +11426,10 @@ index 4bf7fd182..d1b0cd08e 100644
  {{{ complete_ocil_entry_module_disable(module="cramfs") }}}
  
 diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-index 8ace97c1f..69653f45f 100644
+index 41cc22203..fa358683f 100644
 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -45,7 +45,7 @@ references:
      srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227,SRG-APP-000141-CTR-000315
      stigid@ol7: OL07-00-020100
      stigid@ol8: OL08-00-040080
@@ -11787,10 +11439,10 @@ index 8ace97c1f..69653f45f 100644
      stigid@sle15: SLES-15-010480
      stigid@ubuntu2004: UBTU-20-010461
 diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-index d40d550cb..6864e2970 100644
+index 821fe53eb..cb21162df 100644
 --- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
-@@ -51,7 +51,7 @@ references:
+@@ -52,7 +52,7 @@ references:
      srg: SRG-OS-000114-GPOS-00059,SRG-OS-000378-GPOS-00163,SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-020110
      stigid@ol8: OL08-00-040070
@@ -11800,7 +11452,7 @@ index d40d550cb..6864e2970 100644
      stigid@sle15: SLES-15-010240
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
-index 87623a39c..1031c261a 100644
+index 27488ed67..f8721eeaf 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
 @@ -26,7 +26,7 @@ references:
@@ -11810,8 +11462,8 @@ index 87623a39c..1031c261a 100644
 -    stigid@rhel8: RHEL-08-010572
 +    stigid@almalinux8: RHEL-08-010572
  
- platform: uefi
- 
+ template:
+     name: mount_option
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
 index ab03c0740..0290b265c 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
@@ -11826,10 +11478,10 @@ index ab03c0740..0290b265c 100644
  
  template:
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-index a719912d9..9125c291f 100644
+index cb069b664..7f7c7344a 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040120
@@ -11839,10 +11491,10 @@ index a719912d9..9125c291f 100644
  
  template:
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-index 7db044066..aaec6d676 100644
+index 85814150c..54da72820 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
-@@ -44,7 +44,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040122
@@ -11852,10 +11504,10 @@ index 7db044066..aaec6d676 100644
  
  fixtext: |-
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-index 489b8d490..c997e4849 100644
+index 3b082433e..70b12f809 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol7: OL07-00-021024
      stigid@ol8: OL08-00-040121
@@ -11904,10 +11556,10 @@ index d40dfb95b..d5a41d09a 100644
  
  fixtext: |-
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-index 8022a0164..efd33c29f 100644
+index 614f3f509..99a15bf85 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
-@@ -42,7 +42,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010600
@@ -11917,10 +11569,10 @@ index 8022a0164..efd33c29f 100644
  
  ocil_clause: 'a file system found in "/etc/fstab" refers to removable media and it does not have the "nodev" option set'
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-index ad9189622..2b91cd1e6 100644
+index fdab534f2..85e964135 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
-@@ -39,7 +39,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      nist-csf: PR.AC-3,PR.AC-6,PR.IP-1,PR.PT-2,PR.PT-3
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010610
@@ -11930,10 +11582,10 @@ index ad9189622..2b91cd1e6 100644
  ocil_clause: 'removable media partitions are present'
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-index f409eaabe..101c0c011 100644
+index 94b0d8c9b..ba4747ff8 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021010
      stigid@ol8: OL08-00-010620
@@ -11982,11 +11634,11 @@ index 3a16538b1..b8f9c393e 100644
  platform: mount[tmp]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-index 1a14ae661..f70441647 100644
+index a0afbcf72..6a6e2295d 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
-@@ -32,7 +32,7 @@ references:
-     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
+@@ -33,7 +33,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040129
 -    stigid@rhel8: RHEL-08-040129
@@ -11995,11 +11647,11 @@ index 1a14ae661..f70441647 100644
  platform: mount[var-log-audit]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-index 12fd9b470..f3241c473 100644
+index eeb5906df..89c74f415 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
-@@ -30,7 +30,7 @@ references:
-     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
+@@ -31,7 +31,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040131
 -    stigid@rhel8: RHEL-08-040131
@@ -12008,11 +11660,11 @@ index 12fd9b470..f3241c473 100644
  platform: mount[var-log-audit]
  
 diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-index 06d864887..99135beec 100644
+index bd5ed3cea..35e9e12fd 100644
 --- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
 +++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
-@@ -31,7 +31,7 @@ references:
-     nist-csf: PR.IP-1,PR.PT-2,PR.PT-3
+@@ -32,7 +32,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000368-GPOS-00154
      stigid@ol8: OL08-00-040130
 -    stigid@rhel8: RHEL-08-040130
@@ -12120,10 +11772,10 @@ index d94802273..554e34e00 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-index ad9f27dd7..994844035 100644
+index 2b0604d10..ba1290f14 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      pcidss: Req-3.2
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010675
@@ -12144,10 +11796,10 @@ index d94802273..554e34e00 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-index e102da2b3..944b71d21 100644
+index 3ba3a22cf..a54e77860 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      pcidss: Req-3.2
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010674
@@ -12157,12 +11809,12 @@ index e102da2b3..944b71d21 100644
  ocil_clause: Storage is not set to none or is commented out and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement for all domains that have the "core" item assigned
  
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
-index 32651fa92..b68ea1c66 100644
+index c57a01958..f75667220 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  SECURITY_LIMITS_FILE="/etc/security/limits.conf"
  
  if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
@@ -12178,10 +11830,10 @@ index 41cbd1197..481afa583 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-index f7a5fa08a..9d931fb6e 100644
+index af0fcf370..78d0ce41a 100644
 --- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
-@@ -38,7 +38,7 @@ references:
+@@ -40,7 +40,7 @@ references:
      nist-csf: DE.CM-1,PR.DS-4
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-010673
@@ -12234,11 +11886,11 @@ index 415b0486d..02b1e991a 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
-index 772868e53..e9b536129 100644
+index 95f13e13b..58e9d0573 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
-@@ -28,7 +28,7 @@ references:
-     nist: SC-30,SC-30(2),SC-30(5),CM-6(a)
+@@ -29,7 +29,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000433-GPOS-00192,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040283
 -    stigid@rhel8: RHEL-08-040283
@@ -12280,10 +11932,10 @@ index 7a4c107b2..22e209120 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-index cf6b71a2f..a1d7a4065 100644
+index 061d44762..17c71d655 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -38,7 +38,7 @@ references:
      srg: SRG-OS-000433-GPOS-00193,SRG-OS-000480-GPOS-00227,SRG-APP-000450-CTR-001105
      stigid@ol7: OL07-00-040201
      stigid@ol8: OL08-00-010430
@@ -12293,10 +11945,10 @@ index cf6b71a2f..a1d7a4065 100644
      stigid@sle15: SLES-15-010550
      stigid@ubuntu2004: UBTU-20-010448
 diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
-index 8d64e30f3..dee3c56d2 100644
+index 9b2f76c37..0bd35153b 100644
 --- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
-@@ -37,7 +37,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      nist-csf: PR.IP-1
      srg: SRG-OS-000433-GPOS-00192,SRG-APP-000450-CTR-001105
      stigid@ol8: OL08-00-010420
@@ -12402,10 +12054,10 @@ index 36e025cc3..e97acde11 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-index 7ad7a4b5f..1274520ca 100644
+index 651e3bc35..c90a6b377 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
-@@ -28,7 +28,7 @@ references:
+@@ -29,7 +29,7 @@ references:
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069,SRG-APP-000243-CTR-000600
      stigid@ol7: OL07-00-010375
      stigid@ol8: OL08-00-010375
@@ -12426,11 +12078,11 @@ index 505b3c12b..cdf18e6dd 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-index ae651f6df..1cf773e70 100644
+index c763c7d05..dc016bd74 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
-@@ -22,7 +22,7 @@ references:
-     nist: CM-6
+@@ -23,7 +23,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000480-GPOS-00227,SRG-OS-000366-GPOS-00153
      stigid@ol8: OL08-00-010372
 -    stigid@rhel8: RHEL-08-010372
@@ -12498,11 +12150,11 @@ index ceafd4839..7006e2066 100644
  kind: MachineConfig
  spec:
 diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-index e6e25147a..e9db03401 100644
+index 498e93e15..b3b830191 100644
 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
 +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
-@@ -26,7 +26,7 @@ references:
-     nist: SC-7(10)
+@@ -27,7 +27,7 @@ references:
+     ospp: FMT_SMF_EXT.1
      srg: SRG-OS-000132-GPOS-00067,SRG-OS-000480-GPOS-00227
      stigid@ol8: OL08-00-040282
 -    stigid@rhel8: RHEL-08-040282
@@ -12559,22 +12211,22 @@ index ae6678e66..dd45e6327 100644
  ocil: |
      Verify that {{{ full_name }}} disables the use of user namespaces with the following commands:
 diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
-index 4be24a89d..76c0cc6df 100644
+index 38c97f2e8..dd08128cc 100644
 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
+-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
-index 735354a2d..0c13b196e 100644
+index 997a564e0..dd963778c 100644
 --- a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
+-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15,multi_platform_almalinux
  
  sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
  sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
@@ -12603,30 +12255,30 @@ index 5c6e7417e..93471f2bb 100644
  ocil_clause: 'the policycoreutils package is not installed'
  
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
-index 5b45fae3f..c66669977 100644
+index 61603800f..a3a65c514 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
-index b0e1de6ba..e08be5aa9 100644
+index 682262160..725b1c395 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-index 3369554bc..5b17bcd70 100644
+index 0ce6648a9..a16729287 100644
 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
-@@ -50,7 +50,7 @@ references:
+@@ -51,7 +51,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199,SRG-APP-000233-CTR-000585
      stigid@ol7: OL07-00-020220
      stigid@ol8: OL08-00-010450
@@ -12636,30 +12288,30 @@ index 3369554bc..5b17bcd70 100644
  ocil_clause: 'the loaded policy name is not "{{{ xccdf_value("var_selinux_policy_name") }}}"'
  
 diff --git a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
-index 9db746638..a2e3b6c7b 100644
+index b2624d02d..432a557ac 100644
 --- a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
 +++ b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
-index 78c1d4f61..0fc55b9c0 100644
+index c36cfb38b..cd2ec3a9c 100644
 --- a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
 +++ b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro5,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml
-index 237064080..bebc238b5 100644
+index ba0a43a4a..edbcdfa2b 100644
 --- a/linux_os/guide/system/selinux/selinux_state/rule.yml
 +++ b/linux_os/guide/system/selinux/selinux_state/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -44,7 +44,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199,SRG-OS-000134-GPOS-00068
      stigid@ol7: OL07-00-020210
      stigid@ol8: OL08-00-010170
@@ -12682,7 +12334,7 @@ index 9d751d635..058fc3bf6 100644
  ocil_clause: 'non-admin users are not confined correctly'
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
-index dcd2011ed..c75ef3ead 100644
+index 50884551a..0b81bbf55 100644
 --- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
 @@ -80,7 +80,7 @@ references:
@@ -12695,10 +12347,10 @@ index dcd2011ed..c75ef3ead 100644
      stigid@sle15: SLES-15-010330
      stigid@ubuntu2004: UBTU-20-010414
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-index 44f415f05..b181d9e15 100644
+index 1539bc866..17093daf8 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_home/rule.yml
-@@ -41,7 +41,7 @@ references:
+@@ -42,7 +42,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021310
      stigid@ol8: OL08-00-010800
@@ -12721,10 +12373,10 @@ index 4ac7375e0..7d8c344ef 100644
  {{{ complete_ocil_entry_separate_partition(part="/tmp") }}}
  
 diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-index 509a3ae7e..0afb7b143 100644
+index f74455ae9..76897321e 100644
 --- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
 +++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
-@@ -40,7 +40,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      srg: SRG-OS-000480-GPOS-00227
      stigid@ol7: OL07-00-021320
      stigid@ol8: OL08-00-010540
@@ -13338,35 +12990,35 @@ index 7fca85ed5..53274ec25 100644
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-index b607202c5..621420882 100644
+index 8a4fd001c..72305d4a7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # packages = crypto-policies-scripts
  
  # IMPORTANT: This is a false negative scenario.
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-index e5b598342..539ea8f3c 100644
+index 86f92f01d..446899d74 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # packages = crypto-policies-scripts
  
  update-crypto-policies --set "DEFAULT"
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-index 7be3c82f3..776f79f4c 100644
+index eabefa55c..77fef76c7 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
@@ -13393,24 +13045,24 @@ index 356aa3ffe..05dd9be57 100644
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-index 06bd713dd..8de885e50 100644
+index 311b8ef26..105040173 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-index 56a081eca..a5383733b 100644
+index adfd91745..282d77221 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
@@ -13437,13 +13089,13 @@ index b06e035fa..679e23ee7 100644
  # packages = crypto-policies-scripts
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-index 6679f94bd..f2246ba0c 100644
+index 4437e369a..a35996eba 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  # profiles = xccdf_org.ssgproject.content_profile_ospp
  # packages = crypto-policies-scripts
  
@@ -13632,10 +13284,10 @@ index 2863c6102..aeeddb9a1 100644
  
  cp ipsec.conf /etc
 diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-index de245380f..e49c24947 100644
+index 20101a46a..65845042a 100644
 --- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
-@@ -45,7 +45,7 @@ references:
+@@ -46,7 +46,7 @@ references:
      pcidss: Req-2.2
      srg: SRG-OS-000250-GPOS-00093
      stigid@ol8: OL08-00-010293
@@ -14277,7 +13929,7 @@ index 6db8f9654..2f0172991 100644
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
-index 5ddb29f3e..4674919b5 100644
+index 4f2429fec..377144c32 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
 +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
 @@ -31,7 +31,7 @@ references:
@@ -14397,6 +14049,19 @@ index 365136d0c..e7f764dda 100644
  
  {{{ bash_instantiate_variables("sshd_approved_ciphers") }}}
  
+diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
+index 41994d946..3fc7c8a03 100644
+--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
++++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
+@@ -16,7 +16,7 @@
+ 
+   
+     {{{ PATH }}}
+-    {{%- if product in ["ol8", "rhel8"] -%}}
++    {{%- if product in ["ol8", "rhel8", "almalinux8"] -%}}
+     ^(?!#).*-oCiphers=([^\s']+).*$
+     {{%- else -%}}
+     ^(?!#).*Ciphers\s+([^\s']+).*$
 diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
 index 5d5b47d86..e45953b86 100644
 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
@@ -14792,12 +14457,12 @@ index 298c79dc0..b84d9c805 100644
  
  echo "wrong data" > /etc/profile.d/openssl-rand.sh
 diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
-index 0447bf2c4..43627ebd3 100644
+index 782c94b4d..7a4862443 100644
 --- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
 +++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
-+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
+-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = restrict
  # complexity = low
@@ -14814,31 +14479,11 @@ index 88d8a4312..dde17fabc 100644
      stigid@ubuntu2004: UBTU-20-010415
  
  ocil_clause: 'the package is not installed'
-diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
-index 9647791ef..9f70b30d4 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
-+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = true
- # strategy = restrict
- # complexity = medium
-diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-index 5da0c99e6..57ac7592b 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
- 
- fips-mode-setup --enable
- FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-index ea4eb058f..aa7ea64f6 100644
+index 187038823..df95eb3df 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
-@@ -31,7 +31,7 @@ references:
+@@ -39,7 +39,7 @@ references:
      ospp: FCS_RBG_EXT.1
      srg: SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
@@ -14872,19 +14517,19 @@ index b92e82236..138d2c997 100644
  fips-mode-setup --enable
  FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-index 267fc6b0d..19f208051 100644
+index ca46a3606..16261f584 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-@@ -27,7 +27,7 @@
-             
-           
--          {{% if product in ["ol8", "rhel8"] %}}
-+          {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
-           
-           {{% else %}}
-@@ -79,7 +79,7 @@ to a crypto policy module that further restricts the modified crypto policy.">
+@@ -55,7 +55,7 @@
+               
+             
+-            {{% if product in ["ol8", "rhel8"] %}}
++            {{% if product in ["ol8", "rhel8", "almalinux8"] %}}
+             
+             {{% else %}}
+@@ -128,7 +128,7 @@ to a crypto policy module that further restricts the modified crypto policy.">
    {{%- endif %}}
    
  
@@ -14894,10 +14539,10 @@ index 267fc6b0d..19f208051 100644
      check="all" check_existence="all_exist"
      comment="FIPS mode is selected in running kernel options">
 diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-index 29cafb8cc..da1feb8e1 100644
+index 1687fcac9..8d2f9271a 100644
 --- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
-@@ -46,7 +46,7 @@ references:
+@@ -59,7 +59,7 @@ references:
      ospp: FCS_COP.1(1),FCS_COP.1(2),FCS_COP.1(3),FCS_COP.1(4),FCS_CKM.1,FCS_CKM.2,FCS_TLSC_EXT.1,FCS_RBG_EXT.1
      srg: SRG-OS-000478-GPOS-00223,SRG-OS-000396-GPOS-00176
      stigid@ol8: OL08-00-010020
@@ -14907,10 +14552,10 @@ index 29cafb8cc..da1feb8e1 100644
  ocil_clause: 'FIPS mode is not enabled'
  
 diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-index b99066920..8bbeff033 100644
+index 61093f4b2..4041785ef 100644
 --- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
 +++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
-@@ -32,7 +32,7 @@ references:
+@@ -41,7 +41,7 @@ references:
      nist: SC-12(2),SC-12(3),IA-7,SC-13,CM-6(a),SC-12
      srg: SRG-OS-000033-GPOS-00014,SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000393-GPOS-00173,SRG-OS-000394-GPOS-00174,SRG-OS-000396-GPOS-00176,SRG-OS-000423-GPOS-00187,SRG-OS-000478-GPOS-00223
      stigid@ol8: OL08-00-010020
@@ -14930,10 +14575,10 @@ index b320fccb5..5e1c5b637 100644
  {{% if 'sle' in product or 'slmicro' in produc %}}
  zypper -q --no-remote ref
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
-index 8b0fc6c63..4be148425 100644
+index 7cef39f6c..cb13929ea 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
 +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
-@@ -61,7 +61,7 @@ references:
+@@ -62,7 +62,7 @@ references:
      srg: SRG-OS-000445-GPOS-00199
      stigid@ol7: OL07-00-020029
      stigid@ol8: OL08-00-010359
@@ -15019,6 +14664,16 @@ index d76b93657..35c7a2400 100644
  # packages = aide
  
  aide --init
+diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
+index c0d829568..f31f1584d 100644
+--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
++++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_checking_systemd_timer/tests/aide_timer_weekly.pass.sh
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
+ #!/bin/bash
+ # packages = aide
+ 
 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
 index dfa5c1b6c..60ac94141 100644
 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
@@ -15151,7 +14806,7 @@ index 1ab6b7b23..3633030e5 100644
  
  cat >/etc/aide.conf < 0
+   when:
+    - gpg_key_directory_permission.stat.mode <= '0755'
+    - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0
+    - gpg_installed_fingerprints | length > 0
+-   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "9"
 +   - ansible_distribution == "AlmaLinux"
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
-new file mode 100644
-index 000000000..817ee6141
---- /dev/null
+index f78a6fb82..817ee6141 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
-@@ -0,0 +1,27 @@
-+# platform = multi_platform_almalinux
+@@ -1,8 +1,9 @@
+ # platform = multi_platform_almalinux
+-readonly ALMALINUX_RELEASE_FINGERPRINT="{{{ release_key_fingerprint }}}"
 +readonly ALMALINUX_FINGERPRINT="{{{ release_key_fingerprint }}}"
 +readonly ALMALINUX_AUXILIARY_FINGERPRINT="{{{ auxiliary_key_fingerprint }}}"
-+
-+# Location of the key we would like to import (once it's integrity verified)
+ 
+ # Location of the key we would like to import (once it's integrity verified)
+-readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
 +readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
-+
-+RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
-+
-+# Verify /etc/pki/rpm-gpg directory permissions are safe
-+if [ "${RPM_GPG_DIR_PERMS}" -le "755" ]
-+then
-+  # If they are safe, try to obtain fingerprints from the key file
+ 
+ RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
+ 
+@@ -10,13 +11,15 @@ RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
+ if [ "${RPM_GPG_DIR_PERMS}" -le "755" ]
+ then
+   # If they are safe, try to obtain fingerprints from the key file
+-  # (to ensure there won't be e.g. CRC error).
+-  readarray -t GPG_OUT < <(gpg --show-keys --with-fingerprint --with-colons "$ALMALINUX_RELEASE_KEY" | grep -A1 "^pub" | grep "^fpr" | cut -d ":" -f 10)
 +  # (to ensure there won't be e.g. CRC error)
 +  readarray -t GPG_OUT < <(gpg --show-keys --with-fingerprint --with-colons "$REDHAT_RELEASE_KEY" | grep -A1 "^pub" | grep "^fpr" | cut -d ":" -f 10)
-+  GPG_RESULT=$?
-+  # No CRC error, safe to proceed
-+  if [ "${GPG_RESULT}" -eq "0" ]
-+  then
+   GPG_RESULT=$?
+   # No CRC error, safe to proceed
+   if [ "${GPG_RESULT}" -eq "0" ]
+   then
+-    echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_RELEASE_FINGERPRINT}" || {
 +    # Filter just hexadecimal fingerprints from gpg's output from
 +    # processing of a key file
 +    echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_FINGERPRINT}|${ALMALINUX_AUXILIARY_FINGERPRINT}" || {
-+      # If $ALMALINUX_RELEASE_KEY file doesn't contain any keys with unknown fingerprint, import it
-+      rpm --import "${ALMALINUX_RELEASE_KEY}"
-+    }
-+  fi
-+fi
+       # If $ALMALINUX_RELEASE_KEY file doesn't contain any keys with unknown fingerprint, import it
+       rpm --import "${ALMALINUX_RELEASE_KEY}"
+     }
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
-new file mode 100644
-index 000000000..cbc55c2d7
---- /dev/null
+index 74481fb18..cbc55c2d7 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
-@@ -0,0 +1,55 @@
-+
+@@ -1,37 +1,55 @@
+-{{% if pkg_version %}}
+-{{# If pkg_version isn't defined, then the rule should be NOTCHECKED, because we don't have data needed for the check #}}
+ 
+-  
+-    {{{ oval_metadata("The AlmaLinux release packages are required to be installed.") }}}
 +  
 +    
 +      AlmaLinux gpg-pubkey Package Installed
@@ -15863,39 +15531,52 @@ index 000000000..cbc55c2d7
 +      
 +      The AlmaLinux key packages are required to be installed.
 +    
-+    
+     
+-      
+-        
+-          
 +      
 +        
 +          
-+        
-+        
+         
 +        test_ref="test_package_gpgkey-{{{ pkg_version }}}-{{{ pkg_release }}}_installed" />
 +        
 +          
 +        
-+      
-+    
-+  
-+
+       
+     
+   
+ 
+-  
+-  
 +  
 +  
-+    gpg-pubkey
-+  
-+
+     gpg-pubkey
+   
+ 
+-  
+-  
 +  
-+  
+-    
+-    
 +  id="test_package_gpgkey-{{{ pkg_version }}}-{{{ pkg_release }}}_installed" version="1"
 +  comment="AlmaLinux 8 key package is installed">
 +    
 +    
-+  
-+
+   
+ 
+-  
 +  
-+    {{{ pkg_release }}}
-+    {{{ pkg_version }}}
-+  
-+
+     {{{ pkg_release }}}
+     {{{ pkg_version }}}
+   
+ 
 +  
 +  {{{ aux_pkg_version }}}
 +  
 +
-+
+ 
+-{{% endif %}}
 diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-new file mode 100644
-index 000000000..11cebb049
---- /dev/null
+index e1c9c1653..11cebb049 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-@@ -0,0 +1,44 @@
-+documentation_complete: true
-+
-+title: 'Ensure AlmaLinux GPG Key Installed'
-+
-+description: |-
+@@ -1,40 +1,39 @@
+ documentation_complete: true
+ 
+-
+ title: 'Ensure AlmaLinux GPG Key Installed'
+ 
+ description: |-
+-    To ensure the system can cryptographically verify base software packages
+-    come from AlmaLinux (and to connect to the AlmaLinux repositories to 
+-    receive them), the AlmaLinux GPG key must be properly installed. To install 
+-    the AlmaLinux GPG key, run:
+-    
$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9

 +    To ensure the system can cryptographically verify base software
 +    packages come from AlmaLinux, the AlmaLinux GPG key must properly be installed.
 +    To install the AlmaLinux GPG key, run:
@@ -15930,34 +15617,56 @@ index 000000000..11cebb049
 +    in /media/cdrom, use the following command as the root user to import
 +    it into the keyring:
 +    
$ sudo rpm --import /media/cdrom/RPM-GPG-KEY-AlmaLinux

-+
-+rationale: |-
+ 
+ rationale: |-
+-    Changes to software components can have significant effects on the overall
+-    security of the operating system. This requirement ensures the software has
+-    not been tampered with and that it has been provided by a trusted vendor.
+-    The AlmaLinux GPG key is necessary to cryptographically verify packages are
+-    from AlmaLinux.
 +    Changes to software components can have significant effects on the
 +    overall security of the operating system. This requirement ensures
 +    the software has not been tampered with and that it has been provided
 +    by a trusted vendor. The AlmaLinux GPG key is necessary to
 +    cryptographically verify packages are from AlmaLinux.
-+
-+severity: high
-+
-+references:
+ 
+ severity: high
+ 
+ references:
+-    cis-csc: 11,2,3,9
+-    cjis: 5.10.4.1
+-    cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02
+-    cui: 3.4.8
 +    cis: 1.2.2
-+    disa: CCI-001749
+     disa: CCI-001749
+-    hipaa: 164.308(a)(1)(ii)(D),164.312(b),164.312(c)(1),164.312(c)(2),164.312(e)(2)(i)
+-    isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4
+-    isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6'
+-    iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4
+-    nerc-cip: CIP-003-8 R4.2,CIP-003-8 R6,CIP-007-3 R4,CIP-007-3 R4.1,CIP-007-3 R4.2,CIP-007-3 R5.1
+-    nist: CM-5(3),SI-7,SC-12,SC-12(3),CM-6(a)
 +    nist: CM-5(3),SI-7,SC-12,SC-12(3),CM-6(a),CM-11(a),CM-11(b)
-+    nist-csf: PR.DS-6,PR.DS-8,PR.IP-1
-+    pcidss: Req-6.2
+     nist-csf: PR.DS-6,PR.DS-8,PR.IP-1
+-    ospp: FPT_TUD_EXT.1,FPT_TUD_EXT.2
+     pcidss: Req-6.2
+-    srg: SRG-OS-000366-GPOS-00153
 +    isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6'
 +    isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4
 +    cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02
 +    iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4
 +    cis-csc: 11,2,3,9
-+
-+ocil_clause: 'the AlmaLinux GPG Key is not installed'
-+
-+ocil: |-
-+    To ensure that the GPG key is installed, run:
-+    
$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey

-+    The command should return the string below:
+ 
+ ocil_clause: 'the AlmaLinux GPG Key is not installed'
+ 
+@@ -42,8 +41,4 @@ ocil: |-
+     To ensure that the GPG key is installed, run:
+     
$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey

+     The command should return the string below:
+-    
AlmaLinux OS 9 <packager@almalinux.org> public key

+-
+-fixtext: |-
+-    Install {{{ full_name }}} GPG key. Run the following command:
+-    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
 +    
gpg(AlmaLinux <packager@almalinux.org>

 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
 index 4366d9faa..4a3043290 100644
@@ -15969,10 +15678,10 @@ index 4366d9faa..4a3043290 100644
  
  {{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-index d3fe7d0fb..771ea7ea1 100644
+index 284bfe13d..a72a4b206 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
-@@ -56,7 +56,7 @@ references:
+@@ -57,7 +57,7 @@ references:
      srg: SRG-OS-000366-GPOS-00153
      stigid@ol7: OL07-00-020050
      stigid@ol8: OL08-00-010370
@@ -15995,30 +15704,30 @@ index 0d38f08a0..3c48a4f53 100644
  ocil_clause: 'there is no process to validate certificates for local packages that is approved by the organization'
  
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
-index a653565f5..0e8220272 100644
+index 9fbd9fff2..71782514c 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
-index 07e02fa47..ee1d023d9 100644
+index fb6361d3c..e27d8c9d5 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
- {{% if product in ["sle12", "sle15"] %}}
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
+ {{% if product in ["sle12", "sle15", "slmicro5"] %}}
  sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
  {{% else %}}
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-index 5a3ce069c..50a31bfe4 100644
+index aaba098c7..5e3b5a605 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
-@@ -43,7 +43,7 @@ references:
+@@ -50,7 +50,7 @@ references:
      pcidss: Req-6.2
      srg: SRG-OS-000366-GPOS-00153
      stigid@ol8: OL08-00-010370
@@ -16028,25 +15737,27 @@ index 5a3ce069c..50a31bfe4 100644
  ocil_clause: 'GPG checking is disabled'
  
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-index 37e47e4d4..a852e856f 100644
+index 90ee6e0e0..4e2095f9c 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
  
- sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/yum.repos.d/*
+ {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
+   sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/zypp/repos.d/*
 diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-index 04ff6e577..b97d75469 100644
+index e6dfa5ba5..f90e114cd 100644
 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
 +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
-@@ -1,4 +1,4 @@
+@@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro
  
- sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
+ {{%- if product in ["sle12", "sle15", "slmicro5"] %}}
+   sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
 diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
 index 86d0cb5d3..9cb7152f3 100644
 --- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
@@ -18566,10 +18277,10 @@ index 000000000..08c87ea68
 +
 diff --git a/products/almalinux8/product.yml b/products/almalinux8/product.yml
 new file mode 100644
-index 000000000..fc3e37660
+index 000000000..536dc8a7c
 --- /dev/null
 +++ b/products/almalinux8/product.yml
-@@ -0,0 +1,53 @@
+@@ -0,0 +1,52 @@
 +product: almalinux8
 +full_name: AlmaLinux 8
 +type: platform
@@ -18613,7 +18324,6 @@ index 000000000..fc3e37660
 +      title: "AlmaLinux 8"
 +      check_id: installed_OS_is_almalinux8
 +
-+
 +# Mapping of CPE platform to package
 +platform_package_overrides:
 +  login_defs: "shadow-utils"
@@ -18625,10 +18335,10 @@ index 000000000..fc3e37660
 +journald_conf_dir_path: /etc/systemd/journald.conf.d
 diff --git a/products/almalinux8/profiles/anssi_bp28_enhanced.profile b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
 new file mode 100644
-index 000000000..f580bb611
+index 000000000..f9f8528e1
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_enhanced.profile
-@@ -0,0 +1,52 @@
+@@ -0,0 +1,53 @@
 +documentation_complete: true
 +
 +metadata:
@@ -18680,13 +18390,14 @@ index 000000000..f580bb611
 +    - '!accounts_passwords_pam_tally2_unlock_time'
 +    - '!audit_rules_privileged_commands_insmod'
 +    - '!ensure_oracle_gpgkey_installed'
++    - '!ensure_almalinux_gpgkey_installed'
 +    - '!package_kea_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_high.profile b/products/almalinux8/profiles/anssi_bp28_high.profile
 new file mode 100644
-index 000000000..0c492e830
+index 000000000..1e80480a7
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_high.profile
-@@ -0,0 +1,59 @@
+@@ -0,0 +1,60 @@
 +documentation_complete: true
 +
 +metadata:
@@ -18745,13 +18456,14 @@ index 000000000..0c492e830
 +    - '!cracklib_accounts_password_pam_dcredit'
 +    - '!grub2_page_alloc_shuffle_argument'
 +    - '!ensure_oracle_gpgkey_installed'
++    - '!ensure_almalinux_gpgkey_installed'
 +    - '!package_kea_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_intermediary.profile b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
 new file mode 100644
-index 000000000..7e6adfe6b
+index 000000000..98ddfe69f
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_intermediary.profile
-@@ -0,0 +1,40 @@
+@@ -0,0 +1,41 @@
 +documentation_complete: true
 +
 +metadata:
@@ -18791,13 +18503,14 @@ index 000000000..7e6adfe6b
 +  - '!grub2_page_alloc_shuffle_argument'
 +  - '!accounts_passwords_pam_tally2_unlock_time'
 +  - '!ensure_oracle_gpgkey_installed'
++  - '!ensure_almalinux_gpgkey_installed'
 +  - '!package_kea_removed'
 diff --git a/products/almalinux8/profiles/anssi_bp28_minimal.profile b/products/almalinux8/profiles/anssi_bp28_minimal.profile
 new file mode 100644
-index 000000000..772d31035
+index 000000000..328ecdfb7
 --- /dev/null
 +++ b/products/almalinux8/profiles/anssi_bp28_minimal.profile
-@@ -0,0 +1,36 @@
+@@ -0,0 +1,37 @@
 +documentation_complete: true
 +
 +metadata:
@@ -18833,6 +18546,7 @@ index 000000000..772d31035
 +  - '!cracklib_accounts_password_pam_ocredit'
 +  - '!accounts_passwords_pam_tally2_unlock_time'
 +  - '!ensure_oracle_gpgkey_installed'
++  - '!ensure_almalinux_gpgkey_installed'
 +  - '!package_kea_removed'
 diff --git a/products/almalinux8/profiles/cis.profile b/products/almalinux8/profiles/cis.profile
 new file mode 100644
@@ -19155,10 +18869,10 @@ index 000000000..5fd48dbdc
 +    - var_system_crypto_policy=fips
 diff --git a/products/almalinux8/profiles/default.profile b/products/almalinux8/profiles/default.profile
 new file mode 100644
-index 000000000..912b50837
+index 000000000..25ce7c141
 --- /dev/null
 +++ b/products/almalinux8/profiles/default.profile
-@@ -0,0 +1,718 @@
+@@ -0,0 +1,720 @@
 +documentation_complete: true
 +
 +hidden: true
@@ -19877,6 +19591,8 @@ index 000000000..912b50837
 +    - configure_bashrc_tmux
 +    - configure_tmux_lock_keybinding
 +    - package_mcafeetp_installed
++    - harden_sshd_ciphers_openssh_conf_crypto_policy
++    - harden_sshd_macs_openssh_conf_crypto_policy
 diff --git a/products/almalinux8/profiles/e8.profile b/products/almalinux8/profiles/e8.profile
 new file mode 100644
 index 000000000..491958fdd
@@ -20797,10 +20513,10 @@ index 000000000..094c14a62
 +    - zipl_page_poison_argument
 diff --git a/products/almalinux8/profiles/pci-dss.profile b/products/almalinux8/profiles/pci-dss.profile
 new file mode 100644
-index 000000000..522b22fe2
+index 000000000..b942efc6f
 --- /dev/null
 +++ b/products/almalinux8/profiles/pci-dss.profile
-@@ -0,0 +1,59 @@
+@@ -0,0 +1,60 @@
 +documentation_complete: true
 +
 +metadata:
@@ -20851,6 +20567,7 @@ index 000000000..522b22fe2
 +    - '!cracklib_accounts_password_pam_lcredit'
 +    - '!service_timesyncd_enabled'
 +    - '!ensure_suse_gpgkey_installed'
++    - '!ensure_almalinux_gpgkey_installed'
 +    - '!ensure_shadow_group_empty'
 +    - '!mask_nonessential_services'
 +    - '!gnome_gdm_disable_unattended_automatic_login'
@@ -21068,14 +20785,14 @@ index 000000000..3c09d50d0
 +    - file_permissions_user_cfg
 diff --git a/products/almalinux8/profiles/stig.profile b/products/almalinux8/profiles/stig.profile
 new file mode 100644
-index 000000000..0ba423604
+index 000000000..996691bff
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig.profile
-@@ -0,0 +1,1236 @@
+@@ -0,0 +1,1228 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V2R1
++    version: V2R2
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -21086,10 +20803,10 @@ index 000000000..0ba423604
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG for Red Hat Enterprise Linux 8 V2R1.
++    DISA STIG for Red Hat Enterprise Linux 8 V2R2.
 +
-+    In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
-+    configuration baseline as applicable to the operating system tier of
++    In addition to being applicable to Red Hat Enterprise Linux 8, this
++    configuration baseline is applicable to the operating system tier of
 +    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
 +
 +    - Red Hat Enterprise Linux Server
@@ -21115,7 +20832,7 @@ index 000000000..0ba423604
 +    - var_password_pam_remember_control_flag=requisite_or_required
 +    - var_selinux_state=enforcing
 +    - var_selinux_policy_name=targeted
-+    - var_password_pam_unix_rounds=5000
++    - var_password_hashing_min_rounds_login_defs=100000
 +    - var_password_pam_minlen=15
 +    - var_password_pam_ocredit=1
 +    - var_password_pam_dcredit=1
@@ -21277,11 +20994,9 @@ index 000000000..0ba423604
 +    - configure_ssh_crypto_policy
 +
 +    # RHEL-08-010290
-+    - harden_sshd_macs_openssh_conf_crypto_policy
 +    - harden_sshd_macs_opensshserver_conf_crypto_policy
 +
 +    # RHEL-08-010291
-+    - harden_sshd_ciphers_openssh_conf_crypto_policy
 +    - harden_sshd_ciphers_opensshserver_conf_crypto_policy
 +
 +    # RHEL-08-010292
@@ -21687,12 +21402,6 @@ index 000000000..0ba423604
 +    # RHEL-08-020210
 +    - accounts_password_set_max_life_existing
 +
-+    # RHEL-08-020220
-+    - accounts_password_pam_pwhistory_remember_system_auth
-+
-+    # RHEL-08-020221
-+    - accounts_password_pam_pwhistory_remember_password_auth
-+
 +    # RHEL-08-020230
 +    - accounts_password_pam_minlen
 +
@@ -22310,14 +22019,14 @@ index 000000000..0ba423604
 +    - package_krb5-server_removed
 diff --git a/products/almalinux8/profiles/stig_gui.profile b/products/almalinux8/profiles/stig_gui.profile
 new file mode 100644
-index 000000000..9de6ac92b
+index 000000000..0f9a28183
 --- /dev/null
 +++ b/products/almalinux8/profiles/stig_gui.profile
 @@ -0,0 +1,51 @@
 +documentation_complete: true
 +
 +metadata:
-+    version: V2R1
++    version: V2R2
 +    SMEs:
 +        - mab879
 +        - ggbecker
@@ -22328,10 +22037,10 @@ index 000000000..9de6ac92b
 +
 +description: |-
 +    This profile contains configuration checks that align to the
-+    DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R1.
++    DISA STIG with GUI for Red Hat Enterprise Linux 8 V2R2.
 +
-+    In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this
-+    configuration baseline as applicable to the operating system tier of
++    In addition to being applicable to Red Hat Enterprise Linux 8, this
++    configuration baseline is applicable to the operating system tier of
 +    Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as:
 +
 +    - Red Hat Enterprise Linux Server
@@ -22482,10 +22191,10 @@ index 000000000..91af880dd
 +
 +
 diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-index 19129cc69..683721b2b 100644
+index f803e8ff0..0d908f044 100644
 --- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
 +++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-@@ -15,6 +15,7 @@
+@@ -16,6 +16,7 @@
  	multi_platform_ol
  	multi_platform_rhcos
  	multi_platform_rhel
@@ -22493,21 +22202,21 @@ index 19129cc69..683721b2b 100644
  	multi_platform_rhv
  	multi_platform_sle
      multi_platform_slmicro5
-diff --git a/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml
+diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
 new file mode 120000
-index 000000000..e83874f8c
+index 000000000..faa263aeb
 --- /dev/null
-+++ b/shared/references/disa-stig-almalinux8-v2r1-xccdf-manual.xml
++++ b/shared/references/disa-stig-almalinux8-v2r2-xccdf-manual.xml
 @@ -0,0 +1 @@
-+disa-stig-rhel8-v2r1-xccdf-manual.xml
++disa-stig-rhel8-v2r2-xccdf-manual.xml
 \ No newline at end of file
-diff --git a/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml
+diff --git a/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml
 new file mode 120000
-index 000000000..695c2b8c5
+index 000000000..b35d1960b
 --- /dev/null
-+++ b/shared/references/disa-stig-almalinux8-v2r1-xccdf-scap.xml
++++ b/shared/references/disa-stig-almalinux8-v2r2-xccdf-scap.xml
 @@ -0,0 +1 @@
-+disa-stig-rhel8-v2r1-xccdf-scap.xml
++disa-stig-rhel8-v2r2-xccdf-scap.xml
 \ No newline at end of file
 diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
 index e83699662..1efabcf62 100644
@@ -22593,16 +22302,115 @@ index e83699662..1efabcf62 100644
  set superusers="[someuniquestringhere]"
  export superusers
  
-diff --git a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml
-index e159256ef..4939cfe13 100644
---- a/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml
-+++ b/shared/references/disa-stig-ol8-v2r2-xccdf-manual.xml
-@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
+             5416
+           
+           CCI-000213
+-          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
++          Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
+  
+ Generate an encrypted grub2 password for the grub superusers account with the following command: 
+  
+@@ -11097,7 +11097,7 @@ The "logind" service must be restarted for the changes to take effect. To restar
+             The OL8 system boots with United Extensable Firmware Interface (UEFI)
+           
+           
+-            
++            
+           
+         
+         
+@@ -11250,11 +11250,11 @@ Passwords need to be protected at all times, and encryption is the standard meth
+             
+             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system.  GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.
+           
+-          
+-            
++          
++            
+             
+-              
+-              
++              
++              
+             
+           
+         
+@@ -11874,7 +11874,7 @@ Configuration settings are the set of parameters that can be changed in hardware
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+           
+-            
++            
+             
+               
+               
+@@ -15425,7 +15425,7 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+         
+           
+         
+-        
++        
+           
+         
+         
+@@ -15479,11 +15479,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+           
+           
+         
+-        
++        
+           
+           
+         
+-        
++        
+           
+           
+         
+@@ -17231,8 +17231,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+         
+           gnome-shell
+         
+-        
+-          /boot/efi/EFI/redhat/grub.cfg
++        
++          /boot/efi/EFI/almalinux/grub.cfg
+         
+         
+           /boot/grub2/grub.cfg
+@@ -17308,13 +17308,13 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+           ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d*)
+           1
+         
+-        
+-          /boot/efi/EFI/redhat/grub.cfg
++        
++          /boot/efi/EFI/almalinux/grub.cfg
+           ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
+           1
+         
+-        
+-          /boot/efi/EFI/redhat/user.cfg
++        
++          /boot/efi/EFI/almalinux/user.cfg
+           ^\s*GRUB2_PASSWORD=(\S+)\b
+           1
+         
+diff --git a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
+index 7e5d2fce0..f4fc7a4be 100644
+--- a/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
++++ b/shared/references/disa-stig-ol8-v2r3-xccdf-manual.xml
+@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 100000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
+-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>OL08-00-010140OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Oracle Linux 8DISADPMS TargetOracle Linux 85416CCI-000213Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
   
  Generate an encrypted grub2 password for the grub superusers account with the following command: 
   
@@ -22629,16 +22437,16 @@ index e159256ef..4939cfe13 100644
  set superusers="[someuniqueUserNamehere]"
  export superusers
  
-diff --git a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml
-index 662cf8848..6dc6f2517 100644
---- a/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml
-+++ b/shared/references/disa-stig-rhel8-v2r1-xccdf-manual.xml
-@@ -374,7 +374,7 @@ SHA_CRYPT_MIN_ROUNDS 5000SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
+-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
++If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.SRG-OS-000080-GPOS-00048<GroupDescription></GroupDescription>RHEL-08-010140RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.<VulnDiscussion>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>DPMS Target Red Hat Enterprise Linux 8DISADPMS TargetRed Hat Enterprise Linux 82921CCI-000213Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
@@ -22651,7 +22459,7 @@ index 662cf8848..6dc6f2517 100644
  
  GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
  
-@@ -6372,11 +6372,11 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
+@@ -6384,11 +6384,11 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
  
  Generate a new grub.cfg file with the following command:
  
@@ -22665,20 +22473,51 @@ index 662cf8848..6dc6f2517 100644
  set superusers="[someuniquestringhere]"
  export superusers
  
-diff --git a/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml
-index 4b581f4a0..31e165cbf 100644
---- a/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel8-v2r1-xccdf-scap.xml
-@@ -2548,7 +2548,7 @@ SHA_CRYPT_MIN_ROUNDS 5000
-             2921
+diff --git a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
+index ecdb4b277..e0c917e1f 100644
+--- a/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
++++ b/shared/references/disa-stig-rhel8-v2r2-xccdf-scap.xml
+@@ -3264,7 +3264,7 @@ SHA_CRYPT_MIN_ROUNDS 100000
            
+           
            CCI-000213
 -          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
 +          Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
  
  Generate an encrypted grub2 password for the grub superusers account with the following command:
  
-@@ -10130,7 +10130,8 @@ $ sudo systemctl restart systemd-logind
+@@ -12501,8 +12501,8 @@ $ sudo systemctl restart systemd-logind
+             
+           
+           
+-            
+-            
++            
++            
+           
+         
+         
+@@ -15447,7 +15447,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.1 or lower
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             
+           
+@@ -15459,7 +15460,8 @@ $ sudo systemctl restart systemd-logind
+           
+             The system is RHEL 8.2 or higher
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             
+           
+@@ -15508,7 +15510,8 @@ $ sudo systemctl restart systemd-logind
            
              The system is RHEL 8.3 or lower
              
@@ -22688,2025 +22527,17 @@ index 4b581f4a0..31e165cbf 100644
              
              
            
-@@ -10155,7 +10156,8 @@ $ sudo systemctl restart systemd-logind
+@@ -15520,7 +15523,8 @@ $ sudo systemctl restart systemd-logind
            
-             The RHEL 8 version is RHEL 8.2 or newer.
+             The system is RHEL 8.4 or higher
              
 -              Red Hat Enterprise Linux 8
 +              Red Hat Enterprise Linux 8
 +AlmaLinux 8
              
-             External definition used to determine if the RHEL 8 version is RHEL 8.2 or newer for version applicability based requirements.
+             
            
-@@ -10168,7 +10170,8 @@ $ sudo systemctl restart systemd-logind
-           
-             IPv6 is disabled in the kernel.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             IPv6 is disabled in the kernel, either via a kernel cmdline option or sysctl.
-           
-@@ -10184,7 +10187,8 @@ $ sudo systemctl restart systemd-logind
-           
-             OpenSSH is installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             OpenSSH is installed
-           
-@@ -10196,7 +10200,8 @@ $ sudo systemctl restart systemd-logind
-           
-             RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
- 
-@@ -10213,7 +10218,8 @@ The fips=1 kernel option needs to be added to the kernel command line during sys
-           
-             RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
- 
-@@ -10229,7 +10235,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The system must use a strong hashing algorithm to store the password.
- 
-@@ -10243,7 +10250,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
- 
-@@ -10258,15 +10266,16 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
-           
--          
--            
-+          
-+            
-             
--              
--              
-+              
-+              
-             
-           
-         
-@@ -10274,7 +10283,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
-           
-@@ -10290,7 +10300,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010160 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If the system does not require valid root authentication before it boots into rescue mode, anyone who invokes rescue mode is granted privileged access to all files on the system.
-           
-@@ -10302,7 +10313,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
-           
-             RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -10322,7 +10334,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -10342,7 +10355,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010171 - RHEL 8 must have the policycoreutils package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
- 
-@@ -10356,7 +10370,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
-           
-             RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10370,7 +10385,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10384,7 +10400,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10398,7 +10415,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10412,7 +10430,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10426,7 +10445,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -10440,7 +10460,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
- 
-@@ -10456,7 +10477,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
-           
-             RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
- 
-@@ -10484,7 +10506,8 @@ RHEL 8 incorporates system-wide crypto policies by default.  The employed algori
-           
-             RHEL-08-010310 - RHEL 8 system commands must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -10498,7 +10521,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
- 
-@@ -10512,7 +10536,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
-           
-             RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- 
-@@ -10529,7 +10554,8 @@ Verifying the authenticity of the software prior to installation validates the i
-           
-             RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
- 
-@@ -10552,7 +10578,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write).  Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment.  DAC allows the owner to determine who will have access to objects they control.  An example of DAC includes user-controlled file permissions.  
- 
-@@ -10576,7 +10603,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
- 
-@@ -10601,7 +10629,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
- 
-@@ -10627,7 +10656,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
- 
-@@ -10654,7 +10684,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
- 
-@@ -10669,7 +10700,8 @@ When operating systems provide the capability to escalate a functional capabilit
-           
-             RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
- 
-@@ -10684,7 +10716,8 @@ When operating systems provide the capability to escalate a functional capabilit
-           
-             RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
- 
-@@ -10704,7 +10737,8 @@ This requirement only applies to components where this is specific to the functi
-           
-             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
- 
-@@ -10727,7 +10761,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
-           
-@@ -10739,7 +10774,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
-           
-@@ -10751,7 +10787,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
-           
-@@ -10763,7 +10800,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
-           
-@@ -10776,7 +10814,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
-           
-@@ -10789,7 +10828,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
-           
-@@ -10802,7 +10842,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known hosts authentication.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
-           
-@@ -10815,7 +10856,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use Kerberos authentication, even in the event of misconfiguration elsewhere.
-           
-@@ -10828,7 +10870,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -10841,7 +10884,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
-           
-@@ -10854,7 +10898,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
-           
-@@ -10867,7 +10912,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010560 - The auditd service must be running in RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
- 
-@@ -10882,7 +10928,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
- 
-@@ -10897,12 +10944,13 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-           
--            
-+            
-             
-               
-               
-@@ -10913,7 +10961,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
-           
-@@ -10926,7 +10975,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -10939,7 +10989,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -10952,7 +11003,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
-           
-@@ -10965,7 +11017,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -10986,7 +11039,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -11001,7 +11055,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010674 - RHEL 8 must disable storing core dumps.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -11015,7 +11070,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -11029,7 +11085,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
-           
-@@ -11041,7 +11098,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             SSH environment options potentially allow users to bypass access restriction in some configurations.
-           
-@@ -11054,7 +11112,8 @@ A core dump includes a memory image taken at the time the operating system termi
-           
-             RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11078,7 +11137,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             In RHEL 8.2 the "/etc/security/faillock.conf" file was incorporated to centralize the configuration of the pam_faillock.so module.  Also introduced is a "local_users_only" option that will only track failed user authentication attempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users to allow the centralized platform to solely manage user lockout.
- 
-@@ -11093,7 +11153,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11113,7 +11174,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11130,7 +11192,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11152,7 +11215,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11169,7 +11233,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11189,7 +11254,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11206,7 +11272,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11226,7 +11293,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020021 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11243,7 +11311,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11263,7 +11332,8 @@ From "Pam_Faillock" man pages: Note that the default directory that "pam_failloc
-           
-             RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- 
-@@ -11280,7 +11350,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
-           
-@@ -11293,7 +11364,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/logins.def.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
-           
-@@ -11305,7 +11377,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
-           
-@@ -11317,7 +11390,8 @@ From "faillock.conf" man pages: Note that the default directory that "pam_faillo
-           
-             RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
- 
-@@ -11333,7 +11407,8 @@ The DoD minimum password requirement is 15 characters.
-           
-             RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
- 
-@@ -11347,7 +11422,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
-           
-             RHEL-08-021400 - RHEL 8 must prevent the use of dictionary words for passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
-           
-@@ -11359,7 +11435,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
-           
-             RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
- 
-@@ -11373,7 +11450,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020330 - RHEL 8 must not have accounts configured with blank or null passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -11385,7 +11463,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
-           
-@@ -11398,7 +11477,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
-           
-@@ -11410,7 +11490,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
-           
-@@ -11426,7 +11507,8 @@ Configuration settings are the set of parameters that can be changed in hardware
-           
-             RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
- 
-@@ -11442,7 +11524,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
-           
-             RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
- 
-@@ -11458,7 +11541,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
-           
-             RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
- 
-@@ -11476,7 +11560,8 @@ When availability is an overriding concern, other approved actions in response t
-           
-             RHEL-08-030061 - The RHEL 8 audit system must audit local events.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -11490,7 +11575,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
-           
-             RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -11508,7 +11594,8 @@ When audit logs are not labeled before they are sent to a central log server, th
-           
-             RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -11524,7 +11611,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
-           
-             RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
- 
-@@ -11538,7 +11626,8 @@ The structure and content of error messages must be carefully considered by the
-           
-             RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11552,7 +11641,8 @@ Audit information includes all information (e.g., audit records, audit settings,
-           
-             RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11566,7 +11656,8 @@ Audit information includes all information (e.g., audit records, audit settings,
-           
-             RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11580,7 +11671,8 @@ Audit information includes all information (e.g., audit records, audit settings,
-           
-             RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11594,7 +11686,8 @@ Audit information includes all information (e.g., audit records, audit settings,
-           
-             RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11610,7 +11703,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
-           
-             RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
- 
-@@ -11626,7 +11720,8 @@ In immutable mode, unauthorized users cannot execute changes to the audit system
-           
-             RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11641,7 +11736,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11656,7 +11752,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11671,7 +11768,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11686,7 +11784,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11701,7 +11800,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11716,7 +11816,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11731,7 +11832,8 @@ Audit records can be generated from various components within the information sy
-           
-             RHEL-08-030180 - The RHEL 8 audit package must be installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
- 
-@@ -11747,7 +11849,8 @@ Associating event types with detected events in RHEL 8 audit logs provides a mea
-           
-             RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11764,7 +11867,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr system calls.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11811,7 +11915,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11830,7 +11935,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11849,7 +11955,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
-           
-             RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11866,7 +11973,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11883,7 +11991,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11900,7 +12009,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11917,7 +12027,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -11935,7 +12046,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -11952,7 +12064,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -11969,7 +12082,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -11986,7 +12100,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -12003,7 +12118,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -12020,7 +12136,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -12037,7 +12154,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -12054,7 +12172,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
- 
-@@ -12071,7 +12190,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12088,7 +12208,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12105,7 +12226,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12122,7 +12244,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12139,7 +12262,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module command system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12161,7 +12285,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat and unlinkat commandsystem calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12192,7 +12317,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12209,7 +12335,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12227,7 +12354,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12244,7 +12372,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12261,7 +12390,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12306,7 +12436,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat and lchown system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12335,7 +12466,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod and fchmodat system calls in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12360,7 +12492,8 @@ The system call rules are loaded into a matching engine that intercepts each sys
-           
-             RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12377,7 +12510,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12394,7 +12528,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12411,7 +12546,8 @@ When a user logs on, the AUID is set to the UID of the account that is being aut
-           
-             RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12438,7 +12574,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
-           
-             RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
- 
-@@ -12465,7 +12602,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
-           
-             RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
-           
-@@ -12478,7 +12616,8 @@ DoD has defined the list of events for which RHEL 8 will provide an audit record
-           
-             RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -12494,7 +12633,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
-           
-             RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -12510,7 +12650,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
-           
-             RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
- 
-@@ -12526,7 +12667,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
-           
-             RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -12549,7 +12691,8 @@ Note that a port number was given as there is no standard port for RELP.
-             RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -12565,7 +12708,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
-           
-             RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
-           
-@@ -12577,7 +12721,8 @@ RHEL 8 installation media provides "rsyslogd".  "rsyslogd" is a system utility p
-           
-             RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
- 
-@@ -12595,7 +12740,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
-           
-             RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
- 
-@@ -12613,7 +12759,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
-           
-             RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -12635,7 +12782,8 @@ If a privileged user were to log on using this service, the privileged user pass
-           
-             RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -12653,7 +12801,8 @@ Verify the operating system is configured to disable non-essential capabilities.
-           
-             RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -12671,7 +12820,8 @@ Verify the operating system is configured to disable non-essential capabilities.
-           
-             RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -12689,7 +12839,8 @@ If a privileged user were to log on using this service, the privileged user pass
-           
-             RHEL-08-040060 - RHEL 8 must enforce SSHv2 for network access to all accounts.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             A replay attack may enable an unauthorized user to gain access to RHEL 8. Authentication sessions between the authenticator and RHEL 8 validating the user credentials must not be vulnerable to a replay attack.
- 
-@@ -12710,7 +12861,8 @@ RHEL 8 incorporates OpenSSH as a default ssh provider. OpenSSH has been a 100 pe
-           
-             RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12729,7 +12881,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12746,7 +12899,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12765,7 +12919,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12785,7 +12940,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12803,7 +12959,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12823,7 +12980,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12843,7 +13001,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12863,7 +13022,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12883,7 +13043,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12903,7 +13064,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12923,7 +13085,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12943,7 +13106,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12962,7 +13126,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -12981,7 +13146,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
- 
-@@ -13000,7 +13166,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
-           
-             RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
- 
-@@ -13017,7 +13184,8 @@ Protecting the confidentiality and integrity of organizational information can b
-           
-             RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
- 
-@@ -13036,7 +13204,8 @@ Session key regeneration limits the chances of a session key becoming compromise
-           
-             RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
-           
-@@ -13048,7 +13217,8 @@ Session key regeneration limits the chances of a session key becoming compromise
-           
-             RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
-           
-@@ -13060,7 +13230,8 @@ Session key regeneration limits the chances of a session key becoming compromise
-           
-             RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
-           
-@@ -13072,7 +13243,8 @@ Session key regeneration limits the chances of a session key becoming compromise
-           
-             RHEL-08-040210 - RHEL 8 must prevent Internet Control Message Protocol (ICMP) redirect messages from being accepted.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -13096,7 +13268,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
- 
-@@ -13119,7 +13292,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
- 
-@@ -13142,7 +13316,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040240 - RHEL 8 must not forward source-routed packets.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -13166,7 +13341,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040250 - RHEL 8 must not forward source-routed packets by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
- 
-@@ -13190,7 +13366,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040260 - RHEL 8 must not be performing packet forwarding unless the system is a router.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -13214,7 +13391,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -13240,7 +13418,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
- 
-@@ -13266,7 +13445,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
- 
-@@ -13289,7 +13469,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
- 
-@@ -13313,7 +13494,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13334,7 +13516,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13355,7 +13538,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13376,7 +13560,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13397,7 +13582,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13418,7 +13604,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
-           
-@@ -13431,7 +13618,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a ''no'' setting.
- X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled.
-@@ -13446,7 +13634,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display.
-           
-@@ -13459,7 +13648,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
-           
-@@ -13472,7 +13662,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
-           
-@@ -13484,7 +13675,8 @@ If X11 services are not required for the system's intended function, they should
-           
-             RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13500,7 +13692,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
-           
-             RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13516,7 +13709,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
-           
-             RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
- 
-@@ -13539,7 +13733,8 @@ Note that a port number was given as there is no standard port for RELP.
-             RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
- 
-@@ -13558,7 +13753,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
-           
-@@ -13571,7 +13767,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
-           
-             RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
- For more information on each of the listed configurations, reference the sudoers(5) manual page.
-@@ -13595,7 +13792,8 @@ For more information on each of the listed configurations, reference the sudoers
-           
-             RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
- 
-@@ -13611,7 +13809,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
-           
-             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -13623,7 +13822,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
-           
-             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
- 
-@@ -13646,7 +13846,8 @@ The sysctl --system command will load settings from all system configuration fil
-           
-             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
-             
--              Red Hat Enterprise Linux 8
-+              Red Hat Enterprise Linux 8
-+AlmaLinux 8
-             
-             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
-           
-@@ -13658,7 +13859,8 @@ The sysctl --system command will load settings from all system configuration fil
+@@ -15572,7 +15576,8 @@ $ sudo systemctl restart systemd-logind
            
              RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
              
@@ -24716,7 +22547,7 @@ index 4b581f4a0..31e165cbf 100644
              
              An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
  
-@@ -13673,7 +13875,8 @@ Note: The life-cycle time spans and dates are subject to adjustment.
              RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
              
@@ -24726,7 +22557,77 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
  
-@@ -13691,7 +13894,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO
+@@ -15605,7 +15611,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPO
+           
+             RHEL-08-010070 - All RHEL 8 remote access methods must be monitored.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access management difficult at best.
+ 
+@@ -15621,7 +15628,8 @@ Automated monitoring of remote access sessions allows organizations to detect cy
+           
+             RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
+ 
+@@ -15637,7 +15645,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The system must use a strong hashing algorithm to store the password.
+ 
+@@ -15651,7 +15660,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The system must use a strong hashing algorithm to store the password. The system must use a sufficient number of hashing rounds to ensure the required level of entropy.
+ 
+@@ -15665,7 +15675,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
+           
+@@ -15677,7 +15688,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.
+           
+@@ -15689,7 +15701,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
+           
+             RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
+           
+@@ -15701,7 +15714,8 @@ Passwords need to be protected at all times, and encryption is the standard meth
            
              RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
              
@@ -24736,7 +22637,47 @@ index 4b581f4a0..31e165cbf 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -13707,7 +13911,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -15717,7 +15731,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -15735,7 +15750,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -15753,7 +15769,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -15767,7 +15784,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
+ 
+@@ -15781,7 +15799,8 @@ Policycoreutils contains the policy core utilities that are required for basic o
            
              RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
              
@@ -24746,7 +22687,87 @@ index 4b581f4a0..31e165cbf 100644
              
              Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
  
-@@ -13725,7 +13930,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
+@@ -15799,7 +15818,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
+           
+             RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15813,7 +15833,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15827,7 +15848,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15841,7 +15863,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15855,7 +15878,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15869,7 +15893,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -15883,7 +15908,8 @@ The structure and content of error messages must be carefully considered by the
+           
+             RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.
+ 
+@@ -15897,7 +15923,8 @@ The SSH implementation in RHEL8 uses the OPENSSL library, which does not use hig
+           
+             RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
+ 
+@@ -15917,7 +15944,8 @@ Satisfies: SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPO
            
              RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
              
@@ -24756,7 +22777,67 @@ index 4b581f4a0..31e165cbf 100644
              
              If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
  
-@@ -13739,7 +13945,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+@@ -15931,7 +15959,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010310 - RHEL 8 system commands must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15945,7 +15974,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15959,7 +15989,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010330 - RHEL 8 library files must have mode 755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15973,7 +16004,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010340 - RHEL 8 library files must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -15987,7 +16019,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010350 - RHEL 8 library files must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -16001,7 +16034,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -16017,7 +16051,8 @@ Verifying the authenticity of the software prior to installation validates the i
            
              RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.
              
@@ -24766,7 +22847,137 @@ index 4b581f4a0..31e165cbf 100644
              
              Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
  
-@@ -13755,7 +13962,8 @@ Verifying the authenticity of the software prior to installation validates the i
+@@ -16033,7 +16068,8 @@ Verifying the authenticity of the software prior to installation validates the i
+           
+             RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
+ 
+@@ -16055,7 +16091,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
+ 
+@@ -16081,7 +16118,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
+           
+             RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Discretionary Access Control (DAC) is based on the notion that individual users are "owners" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.
+ 
+@@ -16107,7 +16145,8 @@ Satisfies: SRG-OS-000312-GPOS-00122, SRG-OS-000312-GPOS-00123, SRG-OS-000312-GPO
+           
+             RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
+ 
+@@ -16133,7 +16172,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010376 - RHEL 8 must prevent kernel profiling by unprivileged users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.
+ 
+@@ -16159,7 +16199,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -16175,7 +16216,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without reauthentication, users may access resources or perform tasks for which they do not have authorization.
+ 
+@@ -16191,7 +16233,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Using an authentication device, such as a DoD Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, credentials stored on the authentication device will not be affected.
+ 
+@@ -16211,7 +16254,8 @@ This requirement only applies to components where this is specific to the functi
+           
+             RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
+ 
+@@ -16227,7 +16271,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
+           
+             RHEL-08-010422 - RHEL 8 must disable virtual syscalls.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Syscalls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks.  Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes.  Virtual Syscalls map into user space a page that contains some variables and the implementation of some system calls.  This allows the system calls to be executed in userspace to alleviate the context switching expense.
+ 
+@@ -16243,7 +16288,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
+           
+             RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
+ 
+@@ -16261,7 +16307,8 @@ Satisfies: SRG-OS-000134-GPOS-00068, SRG-OS-000433-GPOS-00192
+           
+             RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.
+ 
+@@ -16283,7 +16330,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
+           
+@@ -16295,7 +16343,8 @@ The sysctl --system command will load settings from all system configuration fil
            
              RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy.
              
@@ -24776,7 +22987,77 @@ index 4b581f4a0..31e165cbf 100644
              
              Without verification of the security functions, security functions may not operate correctly and the failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.
  
-@@ -13769,7 +13977,8 @@ This requirement applies to operating systems performing security function verif
+@@ -16309,7 +16358,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010460 - There must be no shosts.equiv files on the RHEL 8 operating system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "shosts.equiv" files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
+           
+@@ -16321,7 +16371,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010470 - There must be no .shosts files on the RHEL 8 operating system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The ".shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
+           
+@@ -16333,7 +16384,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010480 - The RHEL 8 SSH public host key files must have mode 0644 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If a public host key file is modified by an unauthorized user, the SSH service may be compromised.
+           
+@@ -16345,7 +16397,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010490 - The RHEL 8 SSH private host key files must have mode 0640 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an unauthorized user obtains the private SSH host key file, the host could be impersonated.
+           
+@@ -16357,7 +16410,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If other users have access to modify user-specific SSH configuration files, they may be able to log on to the system as another user.
+           
+@@ -16369,7 +16423,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known host’s authentication.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
+           
+@@ -16381,7 +16436,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010521 - The RHEL 8 SSH daemon must not allow Kerberos authentication, except to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Configuring these settings for the SSH daemon provides additional assurance that remote logon via SSH will not use unused methods of authentication, even in the event of misconfiguration elsewhere.
+           
+@@ -16393,7 +16449,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010540 - RHEL 8 must use a separate file system for /var.
              
@@ -24786,7 +23067,7 @@ index 4b581f4a0..31e165cbf 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -13781,7 +13990,8 @@ This requirement applies to operating systems performing security function verif
+@@ -16405,7 +16462,8 @@ This requirement applies to operating systems performing security function verif
            
              RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log.
              
@@ -24796,7 +23077,357 @@ index 4b581f4a0..31e165cbf 100644
              
              The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
            
-@@ -13793,7 +14003,8 @@ This requirement applies to operating systems performing security function verif
+@@ -16417,7 +16475,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -16429,7 +16488,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010543 - A separate RHEL 8 filesystem must be used for the /tmp directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -16441,7 +16501,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging on directly as root. In addition, logging on with a user-specific account provides individual accountability of actions performed on the system.
+           
+@@ -16453,7 +16514,8 @@ This requirement applies to operating systems performing security function verif
+           
+             RHEL-08-010561 - The rsyslog service must be running in RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Configuring RHEL 8 to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
+ 
+@@ -16467,7 +16529,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010570 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16479,7 +16542,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16491,7 +16555,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010580 - RHEL 8 must prevent special devices on non-root local partitions.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.  The only legitimate location for device files is the /dev directory located on the root partition.
+           
+@@ -16503,7 +16568,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "noexec" mount option causes the system not to execute binary files. This option must be used for mounting any file system not containing approved binary as they may be incompatible. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16515,7 +16581,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010640 - RHEL 8 must prevent special devices on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nodev" mount option causes the system to not interpret character or block special devices. Executing character or block special devices from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16527,7 +16594,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010650 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -16539,7 +16607,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-010671 - RHEL 8 must disable the kernel.core_pattern.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16559,7 +16628,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010672 - RHEL 8 must disable acquiring, saving, and processing core dumps.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16575,7 +16645,8 @@ When the kernel invokes systemd-coredumpt to handle a core dump, it runs in priv
+           
+             RHEL-08-010673 - RHEL 8 must disable core dumps for all users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16589,7 +16660,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010674 - RHEL 8 must disable storing core dumps.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16603,7 +16675,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010675 - RHEL 8 must disable core dump backtraces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -16617,7 +16690,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010680 - For RHEL 8 systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             To provide availability for name resolution services, multiple redundant name servers are mandated. A failure in name resolution could lead to the failure of security functions requiring name resolution, which may include time synchronization, centralized authentication, and remote system logging.
+           
+@@ -16629,7 +16703,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010720 - All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+           
+@@ -16641,7 +16716,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010730 - All RHEL 8 local interactive user home directories must have mode 0750 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Excessive permissions on local interactive user home directories may allow unauthorized access to user files by other users.
+           
+@@ -16653,7 +16729,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010760 - All RHEL 8 local interactive user accounts must be assigned a home directory upon creation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files they should own.
+           
+@@ -16665,7 +16742,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010770 - All RHEL 8 local initialization files must have mode 0740 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Local initialization files are used to configure the user's shell environment upon logon. Malicious modification of these files could compromise accounts upon logon.
+           
+@@ -16677,7 +16755,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent).
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -16689,7 +16768,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010820 - Unattended or automatic logon via the RHEL 8 graphical user interface must not be allowed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Failure to restrict system access to authenticated users negatively impacts operating system security.
+           
+@@ -16701,7 +16781,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-010830 - RHEL 8 must not allow users to override SSH environment variables.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             SSH environment options potentially allow users to bypass access restriction in some configurations.
+           
+@@ -16713,7 +16794,8 @@ A core dump includes a memory image taken at the time the operating system termi
+           
+             RHEL-08-020010 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16731,7 +16813,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16749,7 +16832,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16767,7 +16851,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16785,7 +16870,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16803,7 +16889,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16821,7 +16908,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020018 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16839,7 +16927,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16857,7 +16946,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020020 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16877,7 +16967,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16895,7 +16986,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16915,7 +17007,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
+           
+             RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
+ 
+@@ -16933,7 +17026,8 @@ Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128
            
              RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
              
@@ -24806,7 +23437,37 @@ index 4b581f4a0..31e165cbf 100644
              
              Operating system management includes the ability to control the number of users and user sessions that utilize an operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to DoS attacks.
  
-@@ -13807,7 +14018,8 @@ This requirement addresses concurrent sessions for information system accounts a
+@@ -16947,7 +17041,8 @@ This requirement addresses concurrent sessions for information system accounts a
+           
+             RHEL-08-020030 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -16965,7 +17060,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+           
+             RHEL-08-020050 - RHEL 8 must be able to initiate directly a session lock for all connection types using smartcard when the smartcard is removed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to log out because of the temporary nature of the absence.
+ 
+@@ -16981,7 +17077,8 @@ Satisfies: SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011
+           
+             RHEL-08-020080 - RHEL 8 must prevent a user from overriding the session lock-delay setting for the graphical user interface.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
+ 
+@@ -17001,7 +17098,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
            
              RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.
              
@@ -24816,7 +23477,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
  
-@@ -13823,7 +14035,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
+@@ -17017,7 +17115,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. This
            
              RHEL-08-020110 - RHEL 8 must enforce password complexity by requiring that at least one uppercase character be used.
              
@@ -24826,7 +23487,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13839,7 +14052,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+@@ -17033,7 +17132,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
            
              RHEL-08-020120 - RHEL 8 must enforce password complexity by requiring that at least one lower-case character be used.
              
@@ -24836,7 +23497,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13855,7 +14069,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
+@@ -17049,7 +17149,8 @@ RHEL 8 utilizes pwquality as a mechanism to enforce password complexity. Note th
            
              RHEL-08-020130 - RHEL 8 must enforce password complexity by requiring that at least one numeric character be used.
              
@@ -24846,7 +23507,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13871,7 +14086,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+@@ -17065,7 +17166,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
            
              RHEL-08-020140 - RHEL 8 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed.
              
@@ -24856,7 +23517,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13887,7 +14103,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -17081,7 +17183,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020150 - RHEL 8 must require the maximum number of repeating characters be limited to three when passwords are changed.
              
@@ -24866,7 +23527,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13903,7 +14120,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -17097,7 +17200,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020160 - RHEL 8 must require the change of at least four character classes when passwords are changed.
              
@@ -24876,7 +23537,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13919,7 +14137,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -17113,7 +17217,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020170 - RHEL 8 must require the change of at least 8 characters when passwords are changed.
              
@@ -24886,7 +23547,37 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13935,7 +14154,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -17129,7 +17234,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020180 - RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime restriction in /etc/shadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+           
+@@ -17141,7 +17247,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020190 - RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Enforcing a minimum password lifetime helps to prevent repeated password changes to defeat the password reuse or history enforcement requirement. If users are allowed to immediately and continually change their password, the password could be repeatedly changed in a short period of time to defeat the organization's policy regarding password reuse.
+           
+@@ -17153,7 +17260,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+           
+             RHEL-08-020200 - RHEL 8 user account passwords must have a 60-day maximum password lifetime restriction.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
+           
+@@ -17165,7 +17273,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
              
@@ -24896,7 +23587,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If RHEL 8 does not limit the lifetime of passwords and force users to change their passwords, there is the risk that RHEL 8 passwords could be compromised.
            
-@@ -13947,7 +14167,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
+@@ -17177,7 +17286,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. The "
            
              RHEL-08-020230 - RHEL 8 passwords must have a minimum of 15 characters.
              
@@ -24906,7 +23597,37 @@ index 4b581f4a0..31e165cbf 100644
              
              The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
  
-@@ -13967,7 +14188,8 @@ The DoD minimum password requirement is 15 characters.
+@@ -17197,7 +17307,8 @@ The DoD minimum password requirement is 15 characters.
+           
+             RHEL-08-020231 - RHEL 8 passwords for new users must have a minimum of 15 characters.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+ 
+@@ -17213,7 +17324,8 @@ The DoD minimum password requirement is 15 characters.
+           
+             RHEL-08-020240 - RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and compromise of the system.
+ 
+@@ -17233,7 +17345,8 @@ Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000121-GPOS-00062, SRG-OS-000042-GPO
+           
+             RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained.
+ 
+@@ -17247,7 +17360,8 @@ RHEL 8 needs to track periods of inactivity and disable application identifiers
            
              RHEL-08-020280 - All RHEL 8 passwords must contain at least one special character.
              
@@ -24916,7 +23637,7 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
  
-@@ -13983,7 +14205,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
+@@ -17263,7 +17377,8 @@ RHEL 8 utilizes "pwquality" as a mechanism to enforce password complexity. Note
            
              RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day.
              
@@ -24926,7 +23647,37 @@ index 4b581f4a0..31e165cbf 100644
              
              If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
  
-@@ -13997,7 +14220,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+@@ -17277,7 +17392,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+           
+             RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 allows the user to select passwords based on dictionary words, this increases the chances of password compromise by increasing the opportunity for successful guesses, and brute-force attacks.
+           
+@@ -17289,7 +17405,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+           
+             RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Configuring the operating system to implement organization-wide security implementation guides and security checklists verifies compliance with federal standards and establishes a common security baseline across the DoD that reflects the most restrictive security posture consistent with operational requirements.
+ 
+@@ -17303,7 +17420,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -17315,7 +17433,8 @@ Configuration settings are the set of parameters that can be changed in hardware
            
              RHEL-08-020340 - RHEL 8 must display the date and time of the last successful account logon upon logon.
              
@@ -24936,7 +23687,107 @@ index 4b581f4a0..31e165cbf 100644
              
              Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
            
-@@ -14009,7 +14233,8 @@ RHEL 8 includes multiple options for configuring authentication, but this requir
+@@ -17327,7 +17446,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.
+           
+@@ -17339,7 +17459,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Setting the most restrictive default permissions ensures that when new accounts are created, they do not have unnecessary access.
+           
+@@ -17351,7 +17472,8 @@ Configuration settings are the set of parameters that can be changed in hardware
+           
+             RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider threats and the advanced persistent threat.
+ 
+@@ -17365,7 +17487,8 @@ Satisfies: SRG-OS-000326-GPOS-00126, SRG-OS-000327-GPOS-00127
+           
+             RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -17381,7 +17504,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030030 - The RHEL 8 Information System Security Officer (ISSO) and System Administrator (SA) (at a minimum) must have mail aliases to be notified of an audit processing failure.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -17397,7 +17521,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.
+ 
+@@ -17413,7 +17538,8 @@ This requirement applies to each audit data storage repository (i.e., distinct i
+           
+             RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is critical that when RHEL 8 is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or exceeded. Responses to audit failure depend upon the nature of the failure mode.
+ 
+@@ -17431,7 +17557,8 @@ When availability is an overriding concern, other approved actions in response t
+           
+             RHEL-08-030061 - The RHEL 8 audit system must audit local events.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -17445,7 +17572,8 @@ Audit record content that may be necessary to satisfy this requirement includes,
+           
+             RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -17463,7 +17591,8 @@ When audit logs are not labeled before they are sent to a central log server, th
+           
+             RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -17479,7 +17608,8 @@ Enriched logging aids in making sense of who, what, and when events occur on a s
            
              RHEL-08-030070 - RHEL 8 audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.
              
@@ -24946,7 +23797,687 @@ index 4b581f4a0..31e165cbf 100644
              
              Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
  
-@@ -14025,7 +14250,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+@@ -17495,7 +17625,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030080 - RHEL 8 audit logs must be owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can identify the RHEL 8 system or platform. Additionally, Personally Identifiable Information (PII) and operational information must not be revealed through error messages to unauthorized personnel or their designated representatives.
+ 
+@@ -17511,7 +17642,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030090 - RHEL 8 audit logs must be group-owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17527,7 +17659,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030100 - RHEL 8 audit log directory must be owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17543,7 +17676,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17559,7 +17693,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030120 - RHEL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17575,7 +17710,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17593,7 +17729,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality.
+ 
+@@ -17611,7 +17748,8 @@ Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPO
+           
+             RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17627,7 +17765,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030140 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17643,7 +17782,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17659,7 +17799,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17675,7 +17816,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17691,7 +17833,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17707,7 +17850,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17723,7 +17867,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPO
+           
+             RHEL-08-030180 - The RHEL 8 audit package must be installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -17741,7 +17886,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17759,7 +17905,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17786,7 +17933,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17804,7 +17952,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17822,7 +17971,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030280 - Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17840,7 +17990,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17858,7 +18009,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17876,7 +18028,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17894,7 +18047,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -17912,7 +18066,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17930,7 +18085,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17948,7 +18104,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17966,7 +18123,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -17984,7 +18142,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030314 - Successful/unsuccessful uses of setfiles in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -18002,7 +18161,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030315 - Successful/unsuccessful uses of userhelper in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -18020,7 +18180,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -18038,7 +18199,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information.
+ 
+@@ -18056,7 +18218,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030320 - Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18074,7 +18237,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18092,7 +18256,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18110,7 +18275,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030350 - Successful/unsuccessful uses of the newgrp command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18128,7 +18294,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030360 - Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18148,7 +18315,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18173,7 +18341,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030370 - Successful/unsuccessful uses of the gpasswd command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18191,7 +18360,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18209,7 +18379,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18227,7 +18398,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030410 - Successful/unsuccessful uses of the chsh command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18245,7 +18417,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030420 - Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18270,7 +18443,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030480 - Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18294,7 +18468,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18317,7 +18492,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18335,7 +18511,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030560 - Successful/unsuccessful uses of the usermod command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18353,7 +18530,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030570 - Successful/unsuccessful uses of the chacl command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18371,7 +18549,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18399,7 +18578,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030600 - Successful/unsuccessful modifications to the lastlog file in RHEL 8 must generate an audit record.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18427,7 +18607,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18457,7 +18638,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPO
+           
+             RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+ 
+@@ -18475,7 +18657,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
+           
+             RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without the capability to restrict the roles and individuals that can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured audits may degrade the system's performance by overwhelming the audit log. Misconfigured audits may also make it more difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
+           
+@@ -18487,7 +18670,8 @@ Allocating an audit_backlog_limit of sufficient size is critical in maintaining
+           
+             RHEL-08-030620 - RHEL 8 audit tools must have a mode of 0755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -18503,7 +18687,8 @@ Audit tools include, but are not limited to, vendor-provided and open source aud
+           
+             RHEL-08-030630 - RHEL 8 audit tools must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -18521,7 +18706,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
+           
+             RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit information.
+ 
+@@ -18539,7 +18725,8 @@ Satisfies: SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPO
+           
+             RHEL-08-030670 - RHEL 8 must have the packages required for offloading audit logs installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18562,7 +18749,8 @@ Note that a port number was given as there is no standard port for RELP.
+             RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18585,7 +18773,8 @@ Note that a port number was given as there is no standard port for RELP.
+             RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18603,7 +18792,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Information stored in one location is vulnerable to accidental or incidental deletion or alteration.
+ 
+@@ -18627,7 +18817,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030730 - RHEL 8 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+           
+@@ -18639,7 +18830,8 @@ Satisfies: SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224
+           
+             RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
+ 
+@@ -18657,7 +18849,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+           
+             RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.
+ 
+@@ -18675,7 +18868,8 @@ Note that USNO offers authenticated NTP service to DoD and U.S. Government agenc
+           
+             RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18697,7 +18891,8 @@ If a privileged user were to log on using this service, the privileged user pass
+           
+             RHEL-08-040001 - RHEL 8 must not have any automated bug reporting tools installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18715,7 +18910,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+           
+             RHEL-08-040002 - RHEL 8 must not have the sendmail package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18733,7 +18929,8 @@ Verify the operating system is configured to disable non-essential capabilities.
+           
+             RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18753,7 +18950,8 @@ Kernel page-table isolation is a kernel feature that mitigates the Meltdown secu
+           
+             RHEL-08-040010 - RHEL 8 must not have the rsh-server package installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -18773,7 +18971,8 @@ Satisfies: SRG-OS-000095-GPOS-00049, SRG-OS-000074-GPOS-00042
            
              RHEL-08-040021 - RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.
              
@@ -24956,7 +24487,7 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14041,7 +14267,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
+@@ -18789,7 +18988,8 @@ The Asynchronous Transfer Mode (ATM) is a protocol operating on network, data li
            
              RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.
              
@@ -24966,7 +24497,7 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14057,7 +14284,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
+@@ -18805,7 +19005,8 @@ The Controller Area Network (CAN) is a serial communications protocol, which was
            
              RHEL-08-040023 - RHEL 8 must disable the stream control transmission protocol (SCTP).
              
@@ -24976,7 +24507,7 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14073,7 +14301,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
+@@ -18821,7 +19022,8 @@ The Stream Control Transmission Protocol (SCTP) is a transport layer protocol, d
            
              RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol.
              
@@ -24986,7 +24517,7 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14089,7 +14318,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
+@@ -18837,7 +19039,8 @@ The Transparent Inter-Process Communication (TIPC) protocol is designed to provi
            
              RHEL-08-040025 - RHEL 8 must disable mounting of cramfs.
              
@@ -24996,7 +24527,7 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14105,7 +14335,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
+@@ -18853,7 +19056,8 @@ Compressed ROM/RAM file system (or cramfs) is a read-only file system designed f
            
              RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support.
              
@@ -25006,7 +24537,17 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14119,7 +14350,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
+@@ -18867,7 +19071,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
+           
+             RHEL-08-040070 - The RHEL 8 file system automounter must be disabled unless required.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity.
+           
+@@ -18879,7 +19084,8 @@ The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time commu
            
              RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.
              
@@ -25016,7 +24557,17 @@ index 4b581f4a0..31e165cbf 100644
              
              USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.
  
-@@ -14133,7 +14365,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163
+@@ -18893,7 +19099,8 @@ Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163
+           
+             RHEL-08-040100 - A firewall must be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
+ 
+@@ -18911,7 +19118,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
            
              RHEL-08-040111 - RHEL 8 Bluetooth must be disabled.
              
@@ -25026,7 +24577,477 @@ index 4b581f4a0..31e165cbf 100644
              
              Without protection of communications with wireless peripherals, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read, altered, or used to compromise the RHEL 8 operating system.
  
-@@ -14149,7 +14382,8 @@ Protecting the confidentiality and integrity of communications with wireless per
+@@ -18927,7 +19135,8 @@ Protecting the confidentiality and integrity of communications with wireless per
+           
+             RHEL-08-040120 - RHEL 8 must mount /dev/shm with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18945,7 +19154,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040121 - RHEL 8 must mount /dev/shm with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18961,7 +19171,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040122 - RHEL 8 must mount /dev/shm with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18979,7 +19190,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040123 - RHEL 8 must mount /tmp with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -18997,7 +19209,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040124 - RHEL 8 must mount /tmp with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19013,7 +19226,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040125 - RHEL 8 must mount /tmp with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19031,7 +19245,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19049,7 +19264,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19067,7 +19283,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19085,7 +19302,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040129 - RHEL 8 must mount /var/log/audit with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19103,7 +19321,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040130 - RHEL 8 must mount /var/log/audit with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19121,7 +19340,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19139,7 +19359,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040132 - RHEL 8 must mount /var/tmp with the nodev option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19157,7 +19378,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19175,7 +19397,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040134 - RHEL 8 must mount /var/tmp with the noexec option.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19193,7 +19416,8 @@ The "nosuid" mount option causes the system to not execute "setuid" and "setgid"
+           
+             RHEL-08-040135 - The RHEL 8 fapolicy module must be installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -19215,7 +19439,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
+           
+             RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
+ 
+@@ -19231,7 +19456,8 @@ Since version 0.6.0, "firewalld" has incorporated "nftables" as its backend supp
+           
+             RHEL-08-040160 - All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -19249,7 +19475,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+           
+             RHEL-08-040161 - RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -19269,7 +19496,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A locally logged-on user, who presses Ctrl-Alt-Delete when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -19281,7 +19509,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A locally logged-on user, who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -19293,7 +19522,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+           
+@@ -19305,7 +19535,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine.  While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd.  This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.
+           
+@@ -19317,7 +19548,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040190 - The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented with the Information System Security Officer (ISSO), restricted to only authorized personnel, and have access control rules established.
+           
+@@ -19329,7 +19561,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.
+           
+@@ -19341,7 +19574,8 @@ Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000420-GPOS-00186, SRG-OS-000424-GPO
+           
+             RHEL-08-040210 - RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -19361,7 +19595,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040220 - RHEL 8 must not send Internet Control Message Protocol (ICMP) redirects.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
+ 
+@@ -19383,7 +19618,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.
+ 
+@@ -19404,7 +19640,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -19424,7 +19661,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040250 - RHEL 8 must not forward IPv6 source-routed packets by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -19444,7 +19682,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -19464,7 +19703,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -19486,7 +19726,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040262 - RHEL 8 must not accept router advertisements on all IPv6 interfaces by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.
+ 
+@@ -19508,7 +19749,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040270 - RHEL 8 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.
+ 
+@@ -19530,7 +19772,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -19550,7 +19793,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19570,7 +19814,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant  processes.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19590,7 +19835,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040283 - RHEL 8 must restrict exposed kernel pointer addresses access.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19610,7 +19856,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040284 - RHEL 8 must disable the use of user namespaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19630,7 +19877,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19650,7 +19898,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
+           
+@@ -19662,7 +19911,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
+           
+@@ -19674,7 +19924,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040330 - RHEL 8 network interfaces must not be in promiscuous mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems.
+ 
+@@ -19688,7 +19939,8 @@ If the system is being used to perform a network troubleshooting function, the u
+           
+             RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The security risk of using X11 forwarding is that the client's X11 display server may be exposed to attack when the SSH client requests forwarding.  A system administrator may have a stance in which they want to protect clients that may expose themselves to attack by unwittingly requesting X11 forwarding, which can warrant a "no" setting.
+ 
+@@ -19704,7 +19956,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address.  By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DIPSLAY environment variable to localhost.  This prevents remote hosts from connecting to the proxy display.
+           
+@@ -19716,7 +19969,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
+           
+@@ -19728,7 +19982,8 @@ If X11 services are not required for the system's intended function, they should
+           
+             RHEL-08-040360 - A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The FTP service provides an unencrypted remote access that does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to log on using this service, the privileged user password could be compromised. SSH or other encrypted file transfer methods must be used in place of this service.
+           
+@@ -19740,7 +19995,8 @@ If X11 services are not required for the system's intended function, they should
            
              RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8.
              
@@ -25036,7 +25057,87 @@ index 4b581f4a0..31e165cbf 100644
              
              It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
  
-@@ -14165,7 +14399,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
+@@ -19756,7 +20012,8 @@ The gssproxy package is a proxy for GSS API credential handling and could expose
+           
+             RHEL-08-040380 - The iprutils package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19772,7 +20029,8 @@ The iprutils package provides a suite of utilities to manage and configure SCSI
+           
+             RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -19788,7 +20046,8 @@ The tuned package contains a daemon that tunes the system settings dynamically.
+           
+             RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
+ 
+@@ -19806,7 +20065,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
+           
+@@ -19818,7 +20078,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password. 
+ For more information on each of the listed configurations, reference the sudoers(5) manual page.
+@@ -19831,7 +20092,8 @@ For more information on each of the listed configurations, reference the sudoers
+           
+             RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
+ 
+@@ -19847,7 +20109,8 @@ If the value is set to an integer less than 0, the user's time stamp will not ex
+           
+             RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+ 
+@@ -19863,7 +20126,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
+           
+             RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If the system does not require valid root authentication before it boots into emergency or rescue mode, anyone who invokes emergency or rescue mode is granted privileged access to all files on the system.
+           
+@@ -19875,7 +20139,8 @@ Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
            
              RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
              
@@ -25046,7 +25147,267 @@ index 4b581f4a0..31e165cbf 100644
              
              Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised.
  
-@@ -14181,7 +14416,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+@@ -19891,7 +20156,8 @@ FIPS 140-2 is the current standard for validating that mechanisms used to access
+           
+             RHEL-08-010201 - The RHEL 8 SSH daemon must be configured with a timeout interval.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Terminating an idle SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.
+ 
+@@ -19909,7 +20175,8 @@ Satisfies: SRG-OS-000163-GPOS-00072, SRG-OS-000126-GPOS-00066, SRG-OS-000279-GPO
+           
+             RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict.  Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values.  Random number generators are one of the most important building blocks of cryptosystems.  
+ 
+@@ -19923,7 +20190,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010522 - The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.
+           
+@@ -19935,7 +20203,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010544 - RHEL 8 must use a separate file system for /var/tmp.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
+           
+@@ -19947,7 +20216,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-010572 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.
+           
+@@ -19959,7 +20229,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-020032 - RHEL 8 must disable the user list at logon for graphical user interfaces.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to enumerate known user accounts without authenticated access to the system.
+           
+@@ -19971,7 +20242,8 @@ The rngd service feeds random data from hardware device to kernel random device.
+           
+             RHEL-08-020082 - RHEL 8 must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not log out because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, operating systems need to be able to identify when a user's session has idled and take action to initiate the session lock.
+ 
+@@ -19991,7 +20263,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
+           
+             RHEL-08-020332 - RHEL 8 must not allow blank or null passwords in the password-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -20003,7 +20276,8 @@ Satisfies: SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, SRG-OS-000480-GPO
+           
+             RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without establishing what type of events occurred, the source of events, where events occurred, and the outcome of events, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
+ 
+@@ -20021,7 +20295,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-030731 - RHEL 8 must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume 75 percent utilization.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If security personnel are not notified immediately when storage volume reaches 75 percent utilization, they are unable to plan for audit record storage capacity expansion.
+           
+@@ -20033,7 +20308,8 @@ Satisfies: SRG-OS-000062-GPOS-00031, SRG-OS-000037-GPOS-00015, SRG-OS-000038-GPO
+           
+             RHEL-08-040101 - A firewall must be active on RHEL 8.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             "Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols.
+ 
+@@ -20050,7 +20326,8 @@ RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement action if
+           
+             RHEL-08-040136 - The RHEL 8 fapolicy module must be enabled.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting.
+ 
+@@ -20072,7 +20349,8 @@ Satisfies: SRG-OS-000368-GPOS-00154, SRG-OS-000370-GPOS-00155, SRG-OS-000480-GPO
+           
+             RHEL-08-040139 - RHEL 8 must have the USBGuard installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
+ Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers.
+@@ -20088,7 +20366,8 @@ The System Administrator (SA) must work with the site Information System Securit
+           
+             RHEL-08-040141 - RHEL 8 must enable the USBGuard.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
+ 
+@@ -20106,7 +20385,8 @@ The System Administrator (SA) must work with the site Information System Securit
+           
+             RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. 
+ 
+@@ -20124,7 +20404,8 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPO
+           
+             RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -20144,7 +20425,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -20164,7 +20446,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040249 - RHEL 8 must not forward IPv4 source-routed packets by default.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.
+ 
+@@ -20184,7 +20467,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040279 - RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.
+ 
+@@ -20204,7 +20488,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.
+ 
+@@ -20226,7 +20511,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
+           
+@@ -20238,7 +20524,8 @@ The sysctl --system command will load settings from all system configuration fil
+           
+             RHEL-08-010331 - RHEL 8 library directories must have mode 755 or less permissive.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -20252,7 +20539,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010341 - RHEL 8 library directories must be owned by root.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -20266,7 +20554,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010351 - RHEL 8 library directories must be group-owned by root or a system account.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process.
+ 
+@@ -20280,7 +20569,8 @@ This requirement applies to RHEL 8 with software libraries that are accessible a
+           
+             RHEL-08-010385 - The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Without re-authentication, users may access resources or perform tasks for which they do not have authorization. 
+ 
+@@ -20296,7 +20586,8 @@ Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPO
+           
+             RHEL-08-020101 - RHEL 8 must ensure the password complexity module is enabled in the system-auth file.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
+ 
+@@ -20312,7 +20603,8 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
            
              RHEL-08-020102 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.
              
@@ -25056,7 +25417,27 @@ index 4b581f4a0..31e165cbf 100644
              
              Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
  
-@@ -14199,7 +14435,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+@@ -20330,7 +20622,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+           
+             RHEL-08-020103 - RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. "pwquality" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.
+ 
+@@ -20348,7 +20641,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+           
+             RHEL-08-040321 - The graphical display manager must not be the default target on RHEL 8 unless approved.
+             
+-              Red Hat Enterprise Linux 8
++              Red Hat Enterprise Linux 8
++AlmaLinux 8
+             
+             Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
+           
+@@ -20360,7 +20654,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
            
              RHEL-08-020035 - RHEL 8 must terminate idle user sessions.
              
@@ -25066,51 +25447,36 @@ index 4b581f4a0..31e165cbf 100644
              
              Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.
            
-@@ -14439,15 +14676,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           
-           
+@@ -20423,11 +20718,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+         
+           
          
--        
-+        
-           
-           
+-        
++        
+           
+           
          
--        
-+        
-           
-           
+-        
++        
+           
+           
          
--        
-+        
-           
-         
-         
-@@ -16259,18 +16496,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           ^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b
+@@ -22363,12 +22658,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi
            1
          
--        
+         
 -          /boot/efi/EFI/redhat/grub.cfg
-+        
 +          /boot/efi/EFI/almalinux/grub.cfg
            ^\s*set\s+superusers\s*=\s*"(\w+)"\s*$
            1
          
--        
+         
 -          /boot/efi/EFI/redhat/user.cfg
-+        
 +          /boot/efi/EFI/almalinux/user.cfg
            ^\s*GRUB2_PASSWORD=(\S+)\b
            1
          
--        
--          /boot/efi/EFI/redhat/grub.cfg
-+        
-+          /boot/efi/EFI/almalinux/grub.cfg
-         
-         
-           /boot/grub2/grub.cfg
-@@ -18753,7 +18990,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
+@@ -26048,7 +26343,8 @@ By limiting the number of attempts to meet the pwquality module complexity requi
            
              RHEL 8 is installed
              
@@ -25120,229 +25486,222 @@ index 4b581f4a0..31e165cbf 100644
              
              
              RHEL 8 is installed
-diff --git a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml
-index 1c187bcb8..3b5dc3363 100644
---- a/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel9-v2r1-xccdf-scap.xml
-@@ -20786,7 +20786,7 @@ include "/etc/crypto-policies/back-ends/bind.config";
-           
-           
-             
--              
-+              
-               
-                 
-                 
-@@ -28886,7 +28886,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190
-           
-           
-         
--        
-+        
-           
-         
-         
-@@ -32714,7 +32714,7 @@ Satisfies: SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190
-           1
-         
-         
--          /boot/efi/EFI/redhat/grub.cfg
-+          /boot/efi/EFI/almalinux/grub.cfg
-         
-         
-           /etc/grub2-efi.cfg
+diff --git a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
+index 8c002663d..c8d3ff1a4 100644
+--- a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
++++ b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # This test only applies to platforms that check the pwquality.conf.d directory
+-# platform = Oracle Linux 8,multi_platform_rhel
++# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+ # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
+ 
+ truncate -s 0 /etc/security/pwquality.conf
+diff --git a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
+index 689093008..c25c13332 100644
+--- a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
++++ b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # This test only applies to platforms that check the pwquality.conf.d directory
+-# platform = Oracle Linux 8,multi_platform_rhel
++# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
+ # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
+ 
+ # This test will ensure that OVAL also checks the configuration in
 diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template
-index 503895c33..33e242420 100644
+index f35478ae3..8d7c31f98 100644
 --- a/shared/templates/audit_rules_dac_modification/ansible.template
 +++ b/shared/templates/audit_rules_dac_modification/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template
-index 5d782e0bd..11bd40b58 100644
+index 2260965cb..2c6707b89 100644
 --- a/shared/templates/audit_rules_dac_modification/bash.template
 +++ b/shared/templates/audit_rules_dac_modification/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_file_deletion_events/ansible.template b/shared/templates/audit_rules_file_deletion_events/ansible.template
-index 33b29b977..cbee8fdf7 100644
+index c0dce6859..5bcfac929 100644
 --- a/shared/templates/audit_rules_file_deletion_events/ansible.template
 +++ b/shared/templates/audit_rules_file_deletion_events/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template
-index b3eab4edb..da237aa3d 100644
+index 2858e24a6..91bf1579e 100644
 --- a/shared/templates/audit_rules_file_deletion_events/bash.template
 +++ b/shared/templates/audit_rules_file_deletion_events/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian
+-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template
-index 52d93ba02..18a26fc62 100644
+index a0ce0a51c..7e344b993 100644
 --- a/shared/templates/audit_rules_login_events/ansible.template
 +++ b/shared/templates/audit_rules_login_events/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template
-index f0b83b1bf..72506c7ee 100644
+index ee534c3ca..34923127e 100644
 --- a/shared/templates/audit_rules_login_events/bash.template
 +++ b/shared/templates/audit_rules_login_events/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_almalinux
  
  # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
  
 diff --git a/shared/templates/audit_rules_path_syscall/ansible.template b/shared/templates/audit_rules_path_syscall/ansible.template
-index 68b43b439..9d9ce2fad 100644
+index 1dd7ca308..f97964025 100644
 --- a/shared/templates/audit_rules_path_syscall/ansible.template
 +++ b/shared/templates/audit_rules_path_syscall/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template
-index 332c87def..cdcf6352c 100644
+index bd0192aeb..058988292 100644
 --- a/shared/templates/audit_rules_path_syscall/bash.template
 +++ b/shared/templates/audit_rules_path_syscall/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_almalinux
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_privileged_commands/ansible.template b/shared/templates/audit_rules_privileged_commands/ansible.template
-index 0e2a29c80..a78d71da2 100644
+index ccb8ec9f4..c67a95e81 100644
 --- a/shared/templates/audit_rules_privileged_commands/ansible.template
 +++ b/shared/templates/audit_rules_privileged_commands/ansible.template
 @@ -1,7 +1,7 @@
- {{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204"] %}}
+ {{%- if product in ["almalinux9", "fedora", "ol7", "ol8", "ol9", "ol10", "rhel8", "rhel9", "rhel10", "sle12", "sle15", "slmicro5", "ubuntu2004", "ubuntu2204", "ubuntu2404"] %}}
    {{%- set perm_x=" -F perm=x" %}}
  {{%- endif %}}
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
-index 181597906..f886020ab 100644
+index f69107c16..d389f575b 100644
 --- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
 +++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  # packages = audit
  
  source common.sh
 diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
-index fd902a020..010590172 100644
+index b0d822535..afbc05e03 100644
 --- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
 +++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  
  source common.sh
  
 diff --git a/shared/templates/audit_rules_syscall_events/ansible.template b/shared/templates/audit_rules_syscall_events/ansible.template
-index 16dec9827..5e953196e 100644
+index 1f556b0d2..baa14dbf7 100644
 --- a/shared/templates/audit_rules_syscall_events/ansible.template
 +++ b/shared/templates/audit_rules_syscall_events/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_syscall_events/bash.template b/shared/templates/audit_rules_syscall_events/bash.template
-index bd5bb94cb..d1f68626a 100644
+index 343f03b23..804d945b9 100644
 --- a/shared/templates/audit_rules_syscall_events/bash.template
 +++ b/shared/templates/audit_rules_syscall_events/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
-index 40c2e96a1..87cd84907 100644
+index 82cb103fb..0f479ecb9 100644
 --- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
 +++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
-index f41ed4106..7ba2388b6 100644
+index 4e59cfca5..9bb9082f8 100644
 --- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
 +++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
  
  # First perform the remediation of the syscall rule
  # Retrieve hardware architecture of the underlying system
 diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template
-index 0ffb15ba1..a7ee3c41d 100644
+index b14979b23..a718b8fc4 100644
 --- a/shared/templates/audit_rules_usergroup_modification/ansible.template
 +++ b/shared/templates/audit_rules_usergroup_modification/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = low
 diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template
-index a573b6a1b..7011157d8 100644
+index 9677fec59..8910d9c69 100644
 --- a/shared/templates/grub2_bootloader_argument/ansible.template
 +++ b/shared/templates/grub2_bootloader_argument/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_debian
+-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_almalinux
  # reboot = true
  # strategy = restrict
  # complexity = medium
 diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template
-index 7a7ba6899..ac12c1878 100644
+index 07057cbb1..ed634fb2f 100644
 --- a/shared/templates/grub2_bootloader_argument/bash.template
 +++ b/shared/templates/grub2_bootloader_argument/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_debian
+-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  {{#
     See the OVAL template for more comments.
     Product-specific categorization should be synced across all template content types
 diff --git a/shared/templates/grub2_bootloader_argument/blueprint.template b/shared/templates/grub2_bootloader_argument/blueprint.template
-index 7e9ea909e..152f27303 100644
+index cc156f03c..b06ea2b10 100644
 --- a/shared/templates/grub2_bootloader_argument/blueprint.template
 +++ b/shared/templates/grub2_bootloader_argument/blueprint.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_almalinux
  {{%- if ARG_VARIABLE %}}
  {{%- set ARG_NAME_VALUE = ARG_NAME ~ "=(blueprint-populate " ~ ARG_VARIABLE ~ ")" -%}}
  {{%- endif %}}
@@ -25441,22 +25800,22 @@ index 75c487299..411b739e3 100644
  
  source common.sh
 diff --git a/shared/templates/grub2_bootloader_argument_absent/ansible.template b/shared/templates/grub2_bootloader_argument_absent/ansible.template
-index 51fc98b7a..c6b147d87 100644
+index ad49c09bf..6cdba6e6f 100644
 --- a/shared/templates/grub2_bootloader_argument_absent/ansible.template
 +++ b/shared/templates/grub2_bootloader_argument_absent/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
  # reboot = true
  # strategy = restrict
  # complexity = medium
 diff --git a/shared/templates/grub2_bootloader_argument_absent/bash.template b/shared/templates/grub2_bootloader_argument_absent/bash.template
-index 8d7d6e9ea..18b900e51 100644
+index 06db2fbc2..f5a7e41db 100644
 --- a/shared/templates/grub2_bootloader_argument_absent/bash.template
 +++ b/shared/templates/grub2_bootloader_argument_absent/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
  {{#
     See the OVAL template for more comments.
     Product-specific categorization should be synced across all template content types
@@ -25497,22 +25856,22 @@ index e51f669fd..00a74f76f 100644
  
  # Adds argument with a value from kernel command line in /etc/default/grub
 diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template
-index b3f7c4121..457c70957 100644
+index 998035e8c..3db93118b 100644
 --- a/shared/templates/kernel_module_disabled/ansible.template
 +++ b/shared/templates/kernel_module_disabled/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
  # reboot = true
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template
-index 5bf2bffce..683f24818 100644
+index 314a31ee1..1e6ef65cd 100644
 --- a/shared/templates/kernel_module_disabled/bash.template
 +++ b/shared/templates/kernel_module_disabled/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro
  # reboot = true
  # strategy = disable
  # complexity = low
@@ -25528,23 +25887,23 @@ index c77cebfbb..2820e9745 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
-index 8a1319eed..fb20c3b4a 100644
+index 4c389c10a..06c0d2945 100644
 --- a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
 +++ b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_almalinux,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_almalinux,multi_platform_ubuntu
  
- echo > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
+ sed -i /{{{ KERNMODULE }}}/d /etc/modprobe.d/*.conf
  echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
 diff --git a/shared/templates/mount/anaconda.template b/shared/templates/mount/anaconda.template
-index fdcb4ee3e..0d1d8dc24 100644
+index 6550b4300..4dfc1387e 100644
 --- a/shared/templates/mount/anaconda.template
 +++ b/shared/templates/mount/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
  # reboot = false
  # strategy = enable
  # complexity = low
@@ -25568,42 +25927,42 @@ index fc2bdebd7..3c7833aa7 100644
  
  logvol {{{ MOUNTPOINT }}} {{{ MIN_SIZE_MB }}}
 diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template
-index 083b0ef00..14f7018a9 100644
+index 4f3a09392..ede75bd57 100644
 --- a/shared/templates/mount_option/anaconda.template
 +++ b/shared/templates/mount_option/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/mount_option_removable_partitions/anaconda.template b/shared/templates/mount_option_removable_partitions/anaconda.template
-index 8665fb913..07cd9e3ad 100644
+index b35a0a6af..8adb9efc6 100644
 --- a/shared/templates/mount_option_removable_partitions/anaconda.template
 +++ b/shared/templates/mount_option_removable_partitions/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_installed/anaconda.template b/shared/templates/package_installed/anaconda.template
-index 0ac55f51f..dd0bcddea 100644
+index 0eb53d1f5..f5f517c69 100644
 --- a/shared/templates/package_installed/anaconda.template
 +++ b/shared/templates/package_installed/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_installed/bash.template b/shared/templates/package_installed/bash.template
-index d19004461..e0d4b55f3 100644
+index dcd451ddb..8b0205381 100644
 --- a/shared/templates/package_installed/bash.template
 +++ b/shared/templates/package_installed/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle,multi_platform_slmicro,multi_platform_debian,multi_platform_almalinux
  # reboot = false
  # strategy = enable
  # complexity = low
@@ -25628,12 +25987,12 @@ index be0fc1de8..8284a5711 100644
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/package_removed/anaconda.template b/shared/templates/package_removed/anaconda.template
-index 489f9bb0f..0120d927c 100644
+index e65354bc4..b52caefb3 100644
 --- a/shared/templates/package_removed/anaconda.template
 +++ b/shared/templates/package_removed/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  # reboot = false
  # strategy = disable
  # complexity = low
@@ -25657,31 +26016,30 @@ index 486ebbbdc..963412bac 100644
  # reboot = false
  # strategy = disable
  # complexity = low
-diff --git a/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh b/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh
-index b3232cc93..ec32d65f7 100644
---- a/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh
-+++ b/shared/templates/pam_account_password_faillock/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
+diff --git a/shared/templates/pam_account_password_faillock/ansible.template b/shared/templates/pam_account_password_faillock/ansible.template
+index c0fa0253a..a02f209df 100644
+--- a/shared/templates/pam_account_password_faillock/ansible.template
++++ b/shared/templates/pam_account_password_faillock/ansible.template
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
+ # reboot = false
+ # strategy = restrict
+ # complexity = low
 diff --git a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
-index 24f5731f6..c118c9be0 100644
+index 1e4ab26a7..88a935f88 100644
 --- a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9
+-# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
++# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
  
- pam_files=("password-auth" "system-auth")
+ {{{ tests_init_faillock_vars("correct") }}}
  
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
-index aa3ca061d..6d383b228 100644
+index e9f8a06f4..9ad610942 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
 @@ -1,6 +1,6 @@
@@ -25690,21 +26048,21 @@ index aa3ca061d..6d383b228 100644
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
+ {{{ tests_init_faillock_vars("correct") }}}
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
-index 67c1b593b..74bb77abe 100644
+index 92ea40e0a..5c9713f74 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # packages = authselect
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
+ {{{ tests_init_faillock_vars("correct") }}}
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
-index e770e300f..ceffa12a0 100644
+index b5d27377a..673054ece 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
@@ -25712,23 +26070,35 @@ index e770e300f..ceffa12a0 100644
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
- authselect select sssd --force
-diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh
-index fd57152b8..0ee33185e 100644
---- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh
-+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_faillock_conf.fail.sh
+ {{{ tests_init_faillock_vars("correct") }}}
+ 
+diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
+index d900ff868..026db5019 100644
+--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
++++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
  #!/bin/bash
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
- authselect select sssd --force
+ {{{ tests_init_faillock_vars("lenient_high") }}}
+ 
+diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
+index bcb8d1002..78259d2a5 100644
+--- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
++++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
+@@ -1,6 +1,6 @@
+ #!/bin/bash
+ # packages = authselect
+-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
++# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+ 
+ {{{ tests_init_faillock_vars("lenient_low") }}}
+ 
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index efb57601c..4127e7265 100644
+index 56f9acccc..f555b7279 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
 @@ -1,6 +1,6 @@
@@ -25737,21 +26107,21 @@ index efb57601c..4127e7265 100644
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
  # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
+ {{{ tests_init_faillock_vars("correct") }}}
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
-index e3ec96da0..56c6b75f3 100644
+index ec6595447..fbfac8ee9 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_almalinux
  # packages = authselect
  # remediation = none
- # variables = var_accounts_passwords_pam_faillock_deny=3
+ 
 diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
-index 595b85192..392d025a0 100644
+index 008462181..b33b8034d 100644
 --- a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
 +++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
 @@ -1,6 +1,6 @@
@@ -25759,267 +26129,267 @@ index 595b85192..392d025a0 100644
  # packages = authselect
 -# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 +# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,AlmaLinux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
- # variables = var_accounts_passwords_pam_faillock_deny=3
  
- authselect select sssd --force
+ {{{ tests_init_faillock_vars("stricter") }}}
+ 
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
-index 0fa452ba0..8e9abbe3a 100755
+index 6dc2de7fd..fdb4958dc 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
-index 54804685b..1c4b4f3e1 100755
+index d27da1f43..d46623c0b 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
-index 1ba8e0cda..02f0e77e9 100755
+index f2c932fef..5088ec4ba 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
-index 321df77d9..756bdb524 100755
+index 33c38414c..5491eb006 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
-index dc362ae00..36867bb2b 100755
+index b2275b3c2..b2c2cf3bd 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
-index 4aef9fb84..0b7cbcd5f 100755
+index 64d086e6a..4a8f94453 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
-index 203f640f5..a127500e8 100755
+index ca9eba6ef..ae34564d4 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
-index f623b6be4..8d4399023 100755
+index 3f4e7df04..c49513dad 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
-index c825c0b08..746d6dfa4 100755
+index f44bb3447..6eeb2c3d7 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
-index a8e723bee..a1e6b245c 100755
+index 21afe80d1..65da94e6e 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
-index d3f639a2b..b5d757274 100755
+index 463855aed..a96575370 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
-index d3be7ffc3..5b4b11307 100755
+index e9f60c118..b78d34651 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
-index c1c5758d8..3e7441a4a 100755
+index 96f742342..315e53f37 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
-index 3d3bbbd8e..ae10153cd 100755
+index c7daa47a3..bb7b4eaf8 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh
-index 868318728..d744d549d 100755
+index 197308dbf..d134df914 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_exceptions.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
-index 96e9ddaf3..8c8a59a3a 100755
+index 23a5a95cb..35c2848cd 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
-index ec9296694..6bd64894b 100755
+index 4a4e48fac..ad0963805 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
-index 9dcbe0c2e..b7f6323c9 100755
+index aec74f164..025c22574 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
-index dc9ea0eef..9c6694804 100755
+index 8ec0af9f6..ea03d22a8 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
-index 6acb37ad7..d235e6249 100755
+index c29eff561..9d80bc4c8 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
-index abdb09c48..9cc24d061 100755
+index 697ac6846..4e94e8cd5 100755
 --- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
 +++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
 @@ -1,5 +1,5 @@
  #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_almalinux
  
  # Declare variables used for the tests and define the create_rsyslog_test_logs function
  source $SHARED/rsyslog_log_utils.sh
 diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template
-index a17337508..1e9769b17 100644
+index a0089363d..d6bb431f3 100644
 --- a/shared/templates/sebool/ansible.template
 +++ b/shared/templates/sebool/ansible.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template
-index ecfd73fa8..6c515ced4 100644
+index 66ea331bd..015faccd0 100644
 --- a/shared/templates/sebool/bash.template
 +++ b/shared/templates/sebool/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,SUSE Linux Enterprise 15
  # reboot = false
  # strategy = enable
  # complexity = low
 diff --git a/shared/templates/service_disabled/bash.template b/shared/templates/service_disabled/bash.template
-index c8b6826b2..6bbb8eb2a 100644
+index 4c93f2b84..0f8e4a67e 100644
 --- a/shared/templates/service_disabled/bash.template
 +++ b/shared/templates/service_disabled/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  # reboot = false
  # strategy = disable
  # complexity = low
@@ -26043,13 +26413,23 @@ index 1ab456524..724e7b779 100644
  # reboot = true
  # strategy = disable
  # complexity = low
+diff --git a/shared/templates/service_disabled_guard_var/bash.template b/shared/templates/service_disabled_guard_var/bash.template
+index 0afd3332d..62c4762e7 100644
+--- a/shared/templates/service_disabled_guard_var/bash.template
++++ b/shared/templates/service_disabled_guard_var/bash.template
+@@ -1,4 +1,4 @@
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+ # reboot = false
+ # strategy = disable
+ # complexity = low
 diff --git a/shared/templates/service_enabled/bash.template b/shared/templates/service_enabled/bash.template
-index d290a399a..2dc4121f9 100644
+index 3249f02c9..615fc7d94 100644
 --- a/shared/templates/service_enabled/bash.template
 +++ b/shared/templates/service_enabled/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
++# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
  # reboot = false
  # strategy = enable
  # complexity = low
@@ -26064,22 +26444,22 @@ index 451af774a..27ac615a2 100644
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template
-index b3aafbc27..f2755cdc1 100644
+index 1f417d314..bf428c95c 100644
 --- a/shared/templates/sysctl/bash.template
 +++ b/shared/templates/sysctl/bash.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
+-# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
++# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
  # reboot = true
  # strategy = disable
  # complexity = low
 diff --git a/shared/templates/systemd_mount_enabled/anaconda.template b/shared/templates/systemd_mount_enabled/anaconda.template
-index 42ec0778d..475010b6a 100644
+index fb289f812..cce43c520 100644
 --- a/shared/templates/systemd_mount_enabled/anaconda.template
 +++ b/shared/templates/systemd_mount_enabled/anaconda.template
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_almalinux
  # reboot = false
  # strategy = enable
  # complexity = low
@@ -26104,26 +26484,26 @@ index e14d59dfc..1b236a130 100644
  # Correct BLS option using grubby, which is a thin wrapper around BLS operations
  grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
 diff --git a/ssg/constants.py b/ssg/constants.py
-index 6fefa4ed1..286465e77 100644
+index cf58db6a1..a2f2adcfd 100644
 --- a/ssg/constants.py
 +++ b/ssg/constants.py
-@@ -40,6 +40,7 @@ SSG_REF_URIS = {
- product_directories = [
+@@ -41,6 +41,7 @@ product_directories = [
      'alinux2',
      'alinux3',
+     'almalinux9',
 +    'almalinux8',
      'anolis8',
      'anolis23',
      'al2023',
-@@ -203,6 +204,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
- FULL_NAME_TO_PRODUCT_MAPPING = {
+@@ -205,6 +206,7 @@ FULL_NAME_TO_PRODUCT_MAPPING = {
      "Alibaba Cloud Linux 2": "alinux2",
      "Alibaba Cloud Linux 3": "alinux3",
-+    "AlmaLinux 8": "almalinux8",
+     "AlmaLinux OS 9": "almalinux9",
++    "AlmaLinux OS 8": "almalinux8",
      "Anolis OS 8": "anolis8",
      "Anolis OS 23": "anolis23",
      "Amazon Linux 2023": "al2023",
-@@ -284,7 +286,7 @@ REFERENCES = dict(
+@@ -287,7 +289,7 @@ REFERENCES = dict(
  )
  
  
@@ -26132,15 +26512,16 @@ index 6fefa4ed1..286465e77 100644
                         "openeuler", "kylinserver",
                         "opensuse", "sle", "ol", "ocp", "rhcos",
                         "example", "eks", "alinux", "anolis", "openembedded", "al",
-@@ -292,6 +294,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
+@@ -295,7 +297,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
  
  MULTI_PLATFORM_MAPPING = {
      "multi_platform_alinux": ["alinux2", "alinux3"],
-+    "multi_platform_almalinux": ["almalinux8"],
+-    "multi_platform_almalinux": ["almalinux9"],
++    "multi_platform_almalinux": ["almalinux8", "almalinux9"],
      "multi_platform_anolis": ["anolis8", "anolis23"],
      "multi_platform_debian": ["debian11", "debian12"],
      "multi_platform_example": ["example"],
-@@ -439,6 +442,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = {
+@@ -445,6 +447,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = {
      'eks': 'Amazon Elastic Kubernetes Service',
      'al': 'Amazon Linux',
      'openembedded': 'OpenEmbedded',
@@ -26149,12 +26530,12 @@ index 6fefa4ed1..286465e77 100644
  
  # References that can not be used with product-qualifiers
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
-index ff0b30f03..0116294f1 100644
+index 347d1c831..946ee9ab0 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
  # reboot = false
  # strategy = restrict
  # complexity = low
@@ -26302,22 +26683,22 @@ index 9461c3ddd..5b5b06ac9 100644
  # packages = crypto-policies-scripts
  
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
-index 1c1560a86..fc86b614e 100644
+index 9841212f6..5591d45a3 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
  # reboot = false
  # strategy = restrict
  # complexity = low
 diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
-index 10ecee505..3d3098f4e 100644
+index 3b634ce07..22f9316d7 100644
 --- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
 +++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
 @@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
++# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_almalinux,multi_platform_rhv
  # reboot = true
  # strategy = restrict
  # complexity = low