diff --git a/.gitignore b/.gitignore
index 633d33d..1ce8d7c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -62,3 +62,4 @@
 /scap-security-guide-0.1.77.tar.bz2
 /scap-security-guide-0.1.78.tar.bz2
 /scap-security-guide-0.1.79.tar.bz2
+/scap-security-guide-0.1.80.tar.bz2
diff --git a/1001-add-almalinux10-os-detection.patch b/1001-add-almalinux10-os-detection.patch
new file mode 100644
index 0000000..ca47563
--- /dev/null
+++ b/1001-add-almalinux10-os-detection.patch
@@ -0,0 +1,67 @@
+From 11a53afdfb0e69e8d2773b078f0a2816a9e015c0 Mon Sep 17 00:00:00 2001
+From: Andrew Lukoshko <alukoshko@cloudlinux.com>
+Date: Tue, 15 Jul 2025 08:59:00 +0000
+Subject: [PATCH] Add AlmaLinux OS 10 detection
+
+---
+ .../oval/shared.xml                           |  2 +-
+ .../oval/installed_OS_is_almalinux10.xml      | 34 +++++++++++++++++++
+ 2 files changed, 35 insertions(+), 1 deletion(-)
+ create mode 100644 shared/checks/oval/installed_OS_is_almalinux10.xml
+
+diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
+index a028877c1..fd4e433c1 100644
+--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
++++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
+@@ -4,7 +4,7 @@
+         The operating system installed on the system is supported by a vendor that provides security patches.
+       ", rule_title=rule_title) }}}
+     <criteria comment="Installed operating system is supported by a vendor" operator="OR">
+-      <extend_definition comment="Installed OS is ALMALINUX9" definition_ref="installed_OS_is_almalinux9" />
++      <extend_definition comment="Installed OS is ALMALINUX10" definition_ref="installed_OS_is_almalinux10" />
+       <extend_definition comment="Installed OS is RHEL8" definition_ref="installed_OS_is_rhel8" />
+       <extend_definition comment="Installed OS is RHEL9" definition_ref="installed_OS_is_rhel9" />
+       <extend_definition comment="Installed OS is RHEL10" definition_ref="installed_OS_is_rhel10" />
+diff --git a/shared/checks/oval/installed_OS_is_almalinux10.xml b/shared/checks/oval/installed_OS_is_almalinux10.xml
+new file mode 100644
+index 000000000..34f942d90
+--- /dev/null
++++ b/shared/checks/oval/installed_OS_is_almalinux10.xml
+@@ -0,0 +1,34 @@
++<def-group>
++  <definition class="inventory" id="installed_OS_is_almalinux10" version="3">
++    <metadata>
++      <title>AlmaLinux OS 10</title>
++      <affected family="unix">
++        <platform>multi_platform_all</platform>
++      </affected>
++      <reference ref_id="cpe:/o:almalinux:almalinux:10" source="CPE" />
++      <description>The operating system installed on the system is AlmaLinux OS 10</description>
++    </metadata>
++    <criteria comment="current OS is 10" operator="AND">
++      <extend_definition comment="Installed OS is part of the Unix family" definition_ref="installed_OS_is_part_of_Unix_family" />
++      <criterion comment="AlmaLinux OS is installed" test_ref="test_almalinux" />
++      <criterion comment="AlmaLinux OS 10 is installed" test_ref="test_almalinux10" />
++    </criteria>
++  </definition>
++
++  <unix:file_test check="all" check_existence="all_exist" comment="/etc/almalinux-release exists" id="test_almalinux" version="1">
++    <unix:object object_ref="obj_almalinux" />
++  </unix:file_test>
++  <unix:file_object comment="check /etc/almalinux file" id="obj_almalinux" version="1">
++    <unix:filepath>/etc/almalinux-release</unix:filepath>
++  </unix:file_object>
++
++  <ind:textfilecontent54_test check="all" check_existence="at_least_one_exists" comment="Check Custom OS version" id="test_almalinux10" version="1">
++    <ind:object object_ref="obj_almalinux10" />
++  </ind:textfilecontent54_test>
++  <ind:textfilecontent54_object id="obj_almalinux10" version="1" comment="Check AlmaLinux OS version">
++    <ind:filepath>/etc/almalinux-release</ind:filepath>
++    <ind:pattern operation="pattern match">^AlmaLinux release 10.[0-9]+ .*$</ind:pattern>
++    <ind:instance datatype="int">1</ind:instance>
++  </ind:textfilecontent54_object>
++
++</def-group>
+-- 
+2.43.7
+
diff --git a/1002-update-ensure-almalinux-gpgkey-installed-for-10.patch b/1002-update-ensure-almalinux-gpgkey-installed-for-10.patch
new file mode 100644
index 0000000..7ff681e
--- /dev/null
+++ b/1002-update-ensure-almalinux-gpgkey-installed-for-10.patch
@@ -0,0 +1,89 @@
+From b2c41a173e769e3540d080a0fabe6ee52a7e60ec Mon Sep 17 00:00:00 2001
+From: Andrew Lukoshko <alukoshko@cloudlinux.com>
+Date: Tue, 27 May 2025 08:04:50 +0000
+Subject: [PATCH] Update ensure_almalinux_gpgkey_installed for 10
+
+---
+ .../ensure_almalinux_gpgkey_installed/ansible/shared.yml    | 6 +++---
+ .../ensure_almalinux_gpgkey_installed/bash/shared.sh        | 2 +-
+ .../updating/ensure_almalinux_gpgkey_installed/rule.yml     | 6 +++---
+ .../tests/key_installed.pass.sh                             | 4 ++--
+ 4 files changed, 9 insertions(+), 9 deletions(-)
+
+diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
+index add0cd7dd..1cf05952d 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
++++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
+@@ -13,7 +13,7 @@
+ 
+ - name: Read signatures in GPG key
+   # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10
+-  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
++  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10"
+   changed_when: False
+   register: gpg_fingerprints
+   check_mode: no
+@@ -30,9 +30,9 @@
+ - name: Import AlmaLinux GPG key
+   ansible.builtin.rpm_key:
+     state: present
+-    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
++    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
+   when:
+    - gpg_key_directory_permission.stat.mode <= '0755'
+    - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0
+    - gpg_installed_fingerprints | length > 0
+-   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "9"
++   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "10"
+diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
+index f78a6fb82..10b7819c4 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
++++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
+@@ -2,7 +2,7 @@
+ readonly ALMALINUX_RELEASE_FINGERPRINT="{{{ release_key_fingerprint }}}"
+ 
+ # Location of the key we would like to import (once it's integrity verified)
+-readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
++readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10"
+ 
+ RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
+ 
+diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
+index e9c73de58..c60a1b027 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
++++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
+@@ -8,7 +8,7 @@ description: |-
+     come from AlmaLinux (and to connect to the AlmaLinux repositories to 
+     receive them), the AlmaLinux GPG key must be properly installed. To install 
+     the AlmaLinux GPG key, run:
+-    <pre>$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9</pre>
++    <pre>$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10</pre>
+ 
+ rationale: |-
+     Changes to software components can have significant effects on the overall
+@@ -41,8 +41,8 @@ ocil: |-
+     To ensure that the GPG key is installed, run:
+     <pre>$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey</pre>
+     The command should return the string below:
+-    <pre>AlmaLinux OS 9 &lt;packager@almalinux.org&gt; public key</pre>
++    <pre>AlmaLinux OS 10 &lt;packager@almalinux.org&gt; public key</pre>
+ 
+ fixtext: |-
+     Install {{{ full_name }}} GPG key. Run the following command:
+-    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
++    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
+diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
+index 87b82cb01..ba588f308 100644
+--- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
++++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
+@@ -1,5 +1,5 @@
+ #!/bin/bash
+ #
+-# platform = AlmaLinux OS 9
++# platform = AlmaLinux OS 10
+ 
+-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
++rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
+-- 
+2.43.7
+
diff --git a/1003-exclude-almalinux-from-pqc-gpgkey-check.patch b/1003-exclude-almalinux-from-pqc-gpgkey-check.patch
new file mode 100644
index 0000000..1cf0ec8
--- /dev/null
+++ b/1003-exclude-almalinux-from-pqc-gpgkey-check.patch
@@ -0,0 +1,70 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Andrew Lukoshko <alukoshko@almalinux.org>
+Date: Mon, 31 Mar 2026 00:00:00 +0000
+Subject: [PATCH] Exclude AlmaLinux from PQC GPG key check
+
+AlmaLinux does not have PQC keys. Exclude it from the PQC key
+conditionals in ensure_redhat_gpgkey_installed to prevent duplicate
+OVAL entity IDs when pqc_pkg_version/pqc_pkg_release are empty.
+
+---
+ .../ensure_redhat_gpgkey_installed/ansible/shared.yml | 4 ++--
+ .../ensure_redhat_gpgkey_installed/oval/shared.xml    | 6 +++---
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml
+index 1111111..2222222 100644
+--- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml
++++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/ansible/shared.yml
+@@ -11,7 +11,7 @@
+ 
+ # It should fail if it doesn't find any fingerprints in file - maybe file was not parsed well.
+ 
+-{{% if "rhel" in families  and major_version_ordinal >= 10 %}}
++{{% if "rhel" in families and major_version_ordinal >= 10 and "almalinux" not in product %}}
+ # RHEL >= 10: Use sq command from sequoia-sq package
+ - name: "{{{ rule_title }}}:  Read signatures in GPG key using sq"
+   ansible.builtin.command: sq inspect /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+@@ -40,7 +40,7 @@
+ 
+ {{% endif %}}
+ 
+-{{% if "rhel" in families and major_version_ordinal >= 10 %}}
++{{% if "rhel" in families and major_version_ordinal >= 10 and "almalinux" not in product %}}
+ - name: "{{{ rule_title }}}: Set Fact - Valid fingerprints (without PQC)"
+   ansible.builtin.set_fact:
+     gpg_valid_fingerprints:
+diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/oval/shared.xml
+index 3333333..4444444 100644
+--- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/oval/shared.xml
++++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/oval/shared.xml
+@@ -12,7 +12,7 @@
+         test_ref="test_redhat_package_gpgkey-{{{ pkg_version }}}-{{{ pkg_release }}}_installed" />
+           <criterion comment="package gpg-pubkey-{{{ aux_pkg_version }}}-{{{ aux_pkg_release }}} is installed"
+           test_ref="test_redhat_package_gpgkey-{{{ aux_pkg_version }}}-{{{ aux_pkg_release }}}_installed" />
+-{{% if "rhel" in families  and major_version_ordinal >= 10 %}}
++{{% if "rhel" in families and major_version_ordinal >= 10 and "almalinux" not in product %}}
+           <criteria comment="If RHEL is 10.1 or newer then PQC key must be installed" operator="OR">
+             <criterion comment="RHEL is older than 10.1" test_ref="test_{{{ rule_id }}}_rhel_is_10_1_or_newer" negate="true" />
+             <criteria comment="RHEL is 10.1 or newer AND PQC is installed" operator="AND">
+@@ -64,7 +64,7 @@
+     <linux:version>{{{ aux_pkg_version }}}</linux:version>
+   </linux:rpminfo_state>
+ 
+-{{% if "rhel" in families  and major_version_ordinal >= 10 %}}
++{{% if "rhel" in families and major_version_ordinal >= 10 and "almalinux" not in product %}}
+   <!-- Test for Red Hat post quantum cryptography key -->
+   <linux:rpminfo_test check="only one" check_existence="at_least_one_exists"
+   id="test_redhat_package_gpgkey-{{{ pqc_pkg_version }}}-{{{ pqc_pkg_release }}}_installed" version="1"
+@@ -93,7 +93,7 @@
+   </linux:rpminfo_state>
+   {{%- endif %}}
+ 
+-{{% if "rhel" in families and major_version_ordinal >= 10 %}}
++{{% if "rhel" in families and major_version_ordinal >= 10 and "almalinux" not in product %}}
+   <ind:textfilecontent54_test check="all" comment="VERSION_ID in os-release is greater than or equal 10.1" id="test_{{{ rule_id }}}_rhel_is_10_1_or_newer" version="1">
+     <ind:object object_ref="obj_{{{ rule_id }}}_rhel_is_10_1_or_newer" />
+     <ind:state state_ref="state_{{{ rule_id }}}_rhel_is_10_1_or_newer" />
+-- 
+2.43.7
+
diff --git a/add-almalinux10-support.sh b/add-almalinux10-support.sh
new file mode 100644
index 0000000..56422cb
--- /dev/null
+++ b/add-almalinux10-support.sh
@@ -0,0 +1,128 @@
+#!/bin/bash
+# Add AlmaLinux 10 support to scap-security-guide
+# This script is intended to run from the unpacked source root during %prep
+
+set -euo pipefail
+
+# 1. Change GRUB EFI dir to /boot/efi/EFI/almalinux everywhere
+find ./shared ./linux_os ./tests -type f -exec sed -i 's|EFI/redhat|EFI/almalinux|g' {} \;
+
+# 2. Use ensure_almalinux_gpgkey_installed where applicable in controls
+find ./controls -maxdepth 1 -type f -exec sed -i 's|ensure_redhat_gpgkey_installed|ensure_almalinux_gpgkey_installed|g' {} \;
+
+# 3. Add ALMALINUX10 product to build scripts instead of ALMALINUX9
+sed -i \
+    -e 's/ALMALINUX9/ALMALINUX10/g' \
+    -e 's/AlmaLinux OS 9/AlmaLinux OS 10/g' \
+    -e 's/almalinux9/almalinux10/g' \
+    CMakeLists.txt build_product
+
+# 4. Add AlmaLinux support to linux_os, tests, and shared
+find ./linux_os -type d -name ensure_redhat_gpgkey_installed -prune -o -type f -exec sed -i \
+    -e '/prodtype:/s/rhel10/rhel10,almalinux10/g' \
+    -e '/# platform =/{ /multi_platform_almalinux/! s/multi_platform_rhel/multi_platform_rhel,multi_platform_almalinux/g }' \
+    -e '/# platform =/s/Red Hat Enterprise Linux 10/Red Hat Enterprise Linux 10,AlmaLinux OS 10/g' {} \;
+
+find ./tests -type f -exec sed -i \
+    -e '/prodtype:/s/rhel10/rhel10,almalinux10/g' \
+    -e '/# platform =/{ /multi_platform_almalinux/! s/multi_platform_rhel/multi_platform_rhel,multi_platform_almalinux/g }' \
+    -e '/# platform =/s/Red Hat Enterprise Linux 10/Red Hat Enterprise Linux 10,AlmaLinux OS 10/g' {} \;
+
+find ./shared -type f -exec sed -i \
+    -e '/prodtype:/s/rhel10/rhel10,almalinux10/g' \
+    -e '/# platform =/{ /multi_platform_almalinux/! s/multi_platform_rhel/multi_platform_rhel,multi_platform_almalinux/g }' \
+    -e '/# platform =/s/Red Hat Enterprise Linux 10/Red Hat Enterprise Linux 10,AlmaLinux OS 10/g' \
+    -e 's|<platform>Red Hat Enterprise Linux 10</platform>|<platform>Red Hat Enterprise Linux 10</platform>\n<platform>AlmaLinux OS 10</platform>|g' \
+    -e 's|<platform>multi_platform_rhel</platform>|<platform>multi_platform_rhel</platform>\n<platform>multi_platform_almalinux</platform>|g' {} \;
+
+# 5. Improve Ansible support in conditionals
+find ./linux_os -type d -name ensure_redhat_gpgkey_installed -prune -o -type f -exec sed -i \
+    -e '/if product in/ s/"rhel10"/"rhel10", "almalinux10"/g' {} \;
+
+# 6. Add AlmaLinux 10 constants
+sed -i \
+    -e 's/ALMALINUX9/ALMALINUX10/g' \
+    -e 's/AlmaLinux OS 9/AlmaLinux OS 10/g' \
+    -e 's/almalinux9/almalinux10/g' \
+    ssg/constants.py
+
+# 7. Add AlmaLinux 10 product (copy from rhel10 and rebrand)
+rm -fr products/almalinux10
+cp -r products/rhel10 products/almalinux10
+
+if [ -d products/almalinux10/kickstart ]; then
+    for cfg in $(find products/almalinux10/kickstart/ -type f); do
+        mv "$cfg" "$(echo "$cfg" | sed 's/rhel10/almalinux10/g')"
+    done
+    sed -i 's/Red Hat Enterprise Linux 10.*/AlmaLinux OS 10/g' products/almalinux10/kickstart/*
+fi
+
+if [ -d products/almalinux10/transforms ]; then
+    sed -i \
+        -e 's/Red Hat Enterprise Linux/AlmaLinux OS/g' \
+        -e 's/RHEL */AL/g' \
+        -e 's/rhel/almalinux/g' \
+        -e 's/red_hat_linux/almalinuxos_linux/g' \
+        products/almalinux10/transforms/*
+fi
+
+if [ -d products/almalinux10/overlays ]; then
+    sed -i \
+        -e 's/Red Hat Enterprise Linux/AlmaLinux OS/g' \
+        -e 's/Red Hat Network or a Satellite Server/Foreman/g' \
+        -e 's/Red Hat/AlmaLinux/g' \
+        -e 's/RHEL10/AlmaLinux OS 10/g' \
+        -e 's/RHEL/AlmaLinux OS/g' \
+        products/almalinux10/overlays/*
+fi
+
+if [ -d products/almalinux10/controls ]; then
+    for ctl in $(find products/almalinux10/controls/ -type f -name '*rhel10*'); do
+        mv "$ctl" "$(echo "$ctl" | sed 's/rhel10/almalinux10/g')"
+    done
+    find products/almalinux10/controls -type f -exec sed -i \
+        -e 's/Red Hat Enterprise Linux/AlmaLinux OS/g' \
+        -e 's/RHEL10/ALMALINUX10/g' \
+        -e 's/RHEL-10/ALMALINUX-10/g' \
+        -e 's/RHEL/AlmaLinux/g' \
+        -e 's/Red Hat/AlmaLinux/g' \
+        -e '/^id:/s/rhel10/almalinux10/g' \
+        -e '/^product:/s/rhel10/almalinux10/g' \
+        -e 's/ensure_redhat_gpgkey_installed/ensure_almalinux_gpgkey_installed/g' {} \;
+fi
+
+sed -i \
+    -e 's/rhel10/almalinux10/' \
+    -e 's/Red Hat Enterprise Linux/AlmaLinux OS/g' \
+    -e 's/RHEL-10/ALMALINUX-10/g' \
+    -e 's#https://access.redhat.com/security/team/key#https://almalinux.org/security/#' \
+    -e 's/^pkg_release:.*/pkg_release: "668fe8ef"/g' \
+    -e 's/^pkg_version:.*/pkg_version: "c2a1e572"/g' \
+    -e '/^aux_pkg_release:/d' \
+    -e '/^aux_pkg_version:/d' \
+    -e 's/release_key_fingerprint:.*/release_key_fingerprint: "EE6DB7B98F5BF5EDD9DA0DE5DEE5C11CC2A1E572"/g' \
+    -e '/^release_key_fingerprint:/a oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-10.xml.bz2"' \
+    -e '/^auxiliary_key_fingerprint:/d' \
+    -e '/^pqc_key_fingerprint:/d' \
+    -e '/^pqc_pkg_release:/d' \
+    -e '/^pqc_pkg_version:/d' \
+    -e 's/redhat:enterprise_linux/almalinux:almalinux/g' \
+    -e 's/red_hat_linux/almalinuxos_linux/g' \
+    -e '/^centos_/d' \
+    products/almalinux10/product.yml
+
+sed -i 's/rhel/almalinux/g' products/almalinux10/CMakeLists.txt
+
+sed -i -z \
+    -e 's/Red Hat Enterprise Linux/AlmaLinux OS/g' \
+    -e 's/red_hat_linux/almalinuxos_linux/g' \
+    -e 's/Red Hat Enterprise\n    Linux/\n    AlmaLinux OS/g' \
+    -e 's/released ....-..-../released 2025-09-30/g' \
+    -e 's/RHEL/AlmaLinux OS/g' \
+    products/almalinux10/profiles/*
+
+sed -i \
+    -e 's/ensure_redhat_gpgkey_installed/ensure_almalinux_gpgkey_installed/g' \
+    -e 's/rhel10:/almalinux10:/g' \
+    -e "s/'\!ensure_almalinux_gpgkey_installed'/ensure_almalinux_gpgkey_installed/g" \
+    products/almalinux10/profiles/*
diff --git a/scap-security-guide-add-almalinux10-product.patch b/scap-security-guide-add-almalinux10-product.patch
deleted file mode 100644
index c6bb41e..0000000
--- a/scap-security-guide-add-almalinux10-product.patch
+++ /dev/null
@@ -1,6166 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 7627ee0bd..f0c768006 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -87,7 +87,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
- option(SSG_PRODUCT_AL2023 "If enabled, the Amazon Linux 2023 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
--option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux OS 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-+option(SSG_PRODUCT_ALMALINUX10 "If enabled, the AlmaLinux OS 10 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
- option(SSG_PRODUCT_DEBIAN11 "If enabled, the Debian 11 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
-@@ -324,7 +324,7 @@ message(STATUS "Products:")
- message(STATUS "Amazon Linux 2023: ${SSG_PRODUCT_AL2023}")
- message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}")
- message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}")
--message(STATUS "AlmaLinux OS 9: ${SSG_PRODUCT_ALMALINUX9}")
-+message(STATUS "AlmaLinux OS 10: ${SSG_PRODUCT_ALMALINUX10}")
- message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}")
- message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}")
- message(STATUS "Debian 11: ${SSG_PRODUCT_DEBIAN11}")
-@@ -389,8 +389,8 @@ endif()
- if(SSG_PRODUCT_ALINUX3)
-     add_subdirectory("products/alinux3" "alinux3")
- endif()
--if(SSG_PRODUCT_ALMALINUX9)
--    add_subdirectory("products/almalinux9" "almalinux9")
-+if(SSG_PRODUCT_ALMALINUX10)
-+    add_subdirectory("products/almalinux10" "almalinux10")
- endif()
- if(SSG_PRODUCT_ANOLIS8)
-     add_subdirectory("products/anolis8" "anolis8")
-diff --git a/build_product b/build_product
-index 76e3d3a69..57ae1b1a1 100755
---- a/build_product
-+++ b/build_product
-@@ -330,7 +330,7 @@ all_cmake_products=(
- 	AL2023
- 	ALINUX2
- 	ALINUX3
--	ALMALINUX9
-+	ALMALINUX10
- 	ANOLIS23
- 	ANOLIS8
- 	DEBIAN11
-diff --git a/controls/anssi.yml b/controls/anssi.yml
-index 43258e5de..705a8284d 100644
---- a/controls/anssi.yml
-+++ b/controls/anssi.yml
-@@ -1254,7 +1254,7 @@ controls:
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_globally_activated
-           - ensure_gpgcheck_local_packages
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_oracle_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
- 
-diff --git a/controls/cis_almalinux9.yml b/controls/cis_almalinux9.yml
-index 0b8a8ecaf..963d5df62 100644
---- a/controls/cis_almalinux9.yml
-+++ b/controls/cis_almalinux9.yml
-@@ -363,7 +363,7 @@ controls:
-           - l1_workstation
-       status: manual
-       related_rules:
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
- 
-     - id: 1.2.1.2
-       title: Ensure gpgcheck is globally activated (Automated)
-diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml
-index 6e9f1a526..f2fb754fa 100644
---- a/controls/cis_rhel10.yml
-+++ b/controls/cis_rhel10.yml
-@@ -368,7 +368,7 @@ controls:
-           - l1_workstation
-       status: manual
-       related_rules:
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
- 
-     - id: 1.2.1.2
-       title: Ensure gpgcheck is configured (Automated)
-diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml
-index a5b889cd5..5c9c9af89 100644
---- a/controls/cis_rhel8.yml
-+++ b/controls/cis_rhel8.yml
-@@ -356,7 +356,7 @@ controls:
-           - l1_workstation
-       status: manual
-       related_rules:
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
- 
-     - id: 1.2.2
-       title: Ensure gpgcheck is globally activated (Automated)
-diff --git a/controls/e8.yml b/controls/e8.yml
-index eecf857ad..4000844eb 100644
---- a/controls/e8.yml
-+++ b/controls/e8.yml
-@@ -24,7 +24,7 @@ controls:
-           - service_avahi-daemon_disabled
-           - package_squid_removed
-           - service_squid_disabled
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_globally_activated
-diff --git a/controls/hipaa.yml b/controls/hipaa.yml
-index 0f5470740..f0b1b567a 100644
---- a/controls/hipaa.yml
-+++ b/controls/hipaa.yml
-@@ -170,7 +170,7 @@ controls:
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_repo_metadata
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_suse_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
-       status: automated
-@@ -1388,7 +1388,7 @@ controls:
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_repo_metadata
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_suse_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
-       status: automated
-@@ -1419,7 +1419,7 @@ controls:
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_repo_metadata
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_suse_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
-       status: automated
-@@ -1439,7 +1439,7 @@ controls:
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_repo_metadata
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_suse_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
-       status: automated
-@@ -1720,7 +1720,7 @@ controls:
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
-           - ensure_gpgcheck_repo_metadata
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - ensure_suse_gpgkey_installed
-           - ensure_almalinux_gpgkey_installed
-       status: automated
-diff --git a/controls/ism_o.yml b/controls/ism_o.yml
-index f697010f5..c3f5e7bd9 100644
---- a/controls/ism_o.yml
-+++ b/controls/ism_o.yml
-@@ -603,7 +603,7 @@ controls:
-           - ensure_gpgcheck_globally_activated
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-           - dnf-automatic_security_updates_only
-       status: automated
- 
-diff --git a/controls/ospp.yml b/controls/ospp.yml
-index d3f59d9a2..5c5bbc813 100644
---- a/controls/ospp.yml
-+++ b/controls/ospp.yml
-@@ -447,7 +447,7 @@ controls:
-           - ensure_gpgcheck_globally_activated
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-       status: automated
- 
-     - id: FPT_TUD_EXT.2
-@@ -461,7 +461,7 @@ controls:
-           - ensure_gpgcheck_globally_activated
-           - ensure_gpgcheck_local_packages
-           - ensure_gpgcheck_never_disabled
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-       status: automated
- 
-     - id: FPT_TST_EXT.1
-diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml
-index 087341f71..3243d6f5a 100644
---- a/controls/pcidss_4.yml
-+++ b/controls/pcidss_4.yml
-@@ -1555,7 +1555,7 @@ controls:
-                 - base
-             status: automated
-             rules:
--                - ensure_redhat_gpgkey_installed
-+                - ensure_almalinux_gpgkey_installed
-                 - ensure_suse_gpgkey_installed
-                 - ensure_almalinux_gpgkey_installed
-                 - ensure_gpgcheck_globally_activated
-diff --git a/controls/stig_rhel8.yml b/controls/stig_rhel8.yml
-index 6bd332f68..41f580913 100644
---- a/controls/stig_rhel8.yml
-+++ b/controls/stig_rhel8.yml
-@@ -3172,7 +3172,7 @@ controls:
-           - medium
-       title: RHEL 8 must ensure cryptographic verification of vendor software packages.
-       rules:
--          - ensure_redhat_gpgkey_installed
-+          - ensure_almalinux_gpgkey_installed
-       status: automated
- 
-     - id: RHEL-08-010358
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
-index abea2ac97..c93261cf7 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
-@@ -78,6 +78,6 @@ template:
-           - chmod
-           - fchmod
-           - fchmodat
--{{% if product in ["fedora", "rhel10"] %}}
-+{{% if product in ["fedora", "rhel10", "almalinux10"] %}}
-           - fchmodat2
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/group.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/group.yml
-index 19a1240d1..1bf770ae2 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/group.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_dac_actions/group.yml
-@@ -11,7 +11,7 @@ description: |-
-     still achieving the desired effect. An example of this is that the "-S" calls
-     could be split up and placed on separate lines, however, this is less efficient.
-     Add the following to <tt>/etc/audit/audit.rules</tt>:
--{{% if product in ["fedora", "rhel10"] %}}
-+{{% if product in ["fedora", "rhel10", "almalinux10"] %}}
-     <pre>-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat,fchmodat2 -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod
- {{% else %}}
-     <pre>-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod
-@@ -20,7 +20,7 @@ description: |-
-         -a always,exit -F arch=b32 -S setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr,fremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-     If your system is 64 bit then these lines should be duplicated and the
-     arch=b32 replaced with arch=b64 as follows:
--{{% if product in ["fedora", "rhel10"] %}}
-+{{% if product in ["fedora", "rhel10", "almalinux10"] %}}
-     <pre>-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat,fchmodat2 -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod
- {{% else %}}
-     <pre>-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
-index 536e45f3a..6fc5182e2 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
-index e1aedcc12..041b3a99a 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
-index 19e56d957..62dc263da 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
-index 03066622a..00b22dffc 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
-index 5997a0f4b..f8b934477 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
-index 6614a0151..2d8a70c4d 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
-index ca6cb501c..6e94b709f 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
-index 4cf3be21b..634990a72 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
-index a943dcd2f..5a5c849c4 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
-index a3feca25d..eb3da476b 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
-index 4cee4cfb3..09d901e81 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
-index b15a095da..44c6a0115 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_accounts_passwords_pam_faillock_dir=/var/run/faillock
- 
- path="/var/run/faillock"
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-index 48bf48bd2..0c9d7c81e 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-index 5d91bba64..5d53ea73c 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- {{{ setup_auditctl_environment() }}}
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-index 92186611b..ee66ac9dc 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- {{{ setup_auditctl_environment() }}}
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-index 7e041ef90..1d5b3127b 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- {{{ setup_auditctl_environment() }}}
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
-index a6592b8e1..9962409ea 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- {{{ setup_auditctl_environment() }}}
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-index d5c338857..af5946007 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- # augenrules is default for rhel7
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-index 0a16a0c50..8a4e1608a 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- # packages = audit
- # remediation = none
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
-index adbf71ccf..cac9509dd 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_extra_rules_configured.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
- echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-index 2f01315e0..0fcf5d593 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
-  sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
-index 2c3c6124c..0e5ad3011 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
-index ee2c9ce79..cabf11a5b 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-index 43e72845c..b16ac83f1 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
- # change key of rules for binaries in /usr/sbin
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh
-index 6ef31d987..2da0682e0 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_ignore_dracut_tmp.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
-index a45b84843..f4e964bc1 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_multiple_partitions.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- . $SHARED/partition.sh
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
-index 1f42f8652..e2dbd9bd9 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
- sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
-index e58060ff7..556cd112a 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules
- echo "-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
-index 8f3c02693..0d251f46b 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules
- echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
-index 2dba37605..c9684121a 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8,multi_platform_ubuntu
- 
- ./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
-index f0ea21841..6f744d05b 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
-index f4fff8181..6c379ca01 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
- 
- # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
- {{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}}
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
-index 26d02c24e..28daa9106 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
-index 889f83178..7896d4cb1 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
-index 8b2377d44..39c2bba69 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
-index 9c5b7d2eb..cae43ea29 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
-index dd0efe72d..c3e8fc990 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_debian
- 
- # First perform the remediation of the syscall rule
- # Retrieve hardware architecture of the underlying system
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
-index 323a798b1..46fad7416 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
-index 336beb2b7..26c47e462 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
-index 49c97e395..51f48c0f9 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
-index ec76157d4..0f9e9f7cc 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
-index 3f43030e9..85e9a47c8 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
-index 8a58bbc38..1a73014dc 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-index 09d4e8ff5..6a8e8bdab 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- groupadd group_test
- 
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-index 1343cfbf2..3241e6cdc 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_fedora
- 
- if grep -iwq "log_file" /etc/audit/auditd.conf; then
-     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
-diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
-index d7c821524..f7fd9a307 100644
---- a/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
-+++ b/linux_os/guide/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
- 
- if grep -iwq "log_file" /etc/audit/auditd.conf; then
-     FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
-index 55f407e01..b9084af21 100644
---- a/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml
-index 8ce3a4141..da31c4a6b 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_failed/rule.yml
-@@ -28,7 +28,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
-index f29a4afc6..26ac0688c 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
-index 412c67f15..ec1467404 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
-index 413293083..3f8c50a39 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml
-index 31dacde7e..293270360 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_success/rule.yml
-@@ -27,7 +27,7 @@ severity: medium
- 
- # on RHEL9 there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
-index 1d08bae3a..3e2300448 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
-index 372b7c27c..4e2ce77e9 100644
---- a/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
-index f62426900..bd3ddd10a 100644
---- a/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml
-index dff42045c..d2c25e1a3 100644
---- a/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_create_failed/rule.yml
-@@ -36,7 +36,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
-index c26dc39be..d32b854fd 100644
---- a/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
-index 08c8dc855..e9277f263 100644
---- a/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml
-index 6dde3307f..5e762f9c3 100644
---- a/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_create_success/rule.yml
-@@ -30,7 +30,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
-index dab3d0eaa..620596c44 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml
-index f3d51b3fe..8c5506edf 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed/rule.yml
-@@ -28,7 +28,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
-index 22d3990f0..ed4f8bce8 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
-index 2fb2c25aa..e182781c4 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
-index bff04fe4c..a56d7f18f 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- {{% set file_contents = """## Successful file delete
- -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid&gt;=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml
-index 6f39f271c..43d97b760 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success/rule.yml
-@@ -26,7 +26,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
-index 37b8b3676..d1be71273 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- {{% set file_contents = """## Successful file delete
- -a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
-diff --git a/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
-index a46066d62..731636c7f 100644
---- a/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- {{% set file_contents = """## Successful file delete
- -a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete""" -%}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
-index ff5e61676..f7012bed2 100644
---- a/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
-index 2d9279849..ec6477378 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml
-index d7bd0b785..8946478a5 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed/rule.yml
-@@ -36,7 +36,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
-index dae466002..527bc8489 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
-index f07ff3607..62de7826c 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
-index c6f796967..7a6e545c4 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml
-index cc6712432..d3c76e38f 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success/rule.yml
-@@ -31,7 +31,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
-index 212ec4ba5..62e1ee6de 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
-index 92310b977..e76e314a6 100644
---- a/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
-index f8cd8b73d..090554c02 100644
---- a/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_module_load/rule.yml b/linux_os/guide/auditing/policy_rules/audit_module_load/rule.yml
-index 4cf215813..fc0b7d504 100644
---- a/linux_os/guide/auditing/policy_rules/audit_module_load/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_module_load/rule.yml
-@@ -27,7 +27,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
-index 231034a9c..460877cec 100644
---- a/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
-index 96ee57492..09bfe412b 100644
---- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml
-index f9f327973..8683981c1 100644
---- a/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml
-@@ -149,7 +149,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
-index ac946bfe0..7480f574f 100644
---- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
-index 23940aca3..8775144da 100644
---- a/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml
-index d9fbc3779..9ae1c9c1e 100644
---- a/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_owner_change_failed/rule.yml
-@@ -28,7 +28,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml
-index 25c32a08b..ec96e52c4 100644
---- a/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_owner_change_success/rule.yml
-@@ -26,7 +26,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml
-index 97b8a1583..26cb9427a 100644
---- a/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_perm_change_failed/rule.yml
-@@ -28,7 +28,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml b/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml
-index c95c2a0f4..e755f49a7 100644
---- a/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml
-+++ b/linux_os/guide/auditing/policy_rules/audit_perm_change_success/rule.yml
-@@ -26,7 +26,7 @@ severity: medium
- 
- # on RHEL9+ there are rules which cover particular hardware architectures
- # so do not apply this rule but apply the specific one instead
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- platforms:
-     - not aarch64_arch and not ppc64le_arch
- {{% endif %}}
-diff --git a/linux_os/guide/services/base/service_kdump_disabled/kickstart/shared.cfg b/linux_os/guide/services/base/service_kdump_disabled/kickstart/shared.cfg
-index 166a20b8e..1d95807b6 100644
---- a/linux_os/guide/services/base/service_kdump_disabled/kickstart/shared.cfg
-+++ b/linux_os/guide/services/base/service_kdump_disabled/kickstart/shared.cfg
-@@ -1,3 +1,3 @@
--# platform = Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 10,AlmaLinux OS 10
- kdump disable
- service disable kdump
-diff --git a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
-index 1e575a03c..1c27c61b2 100644
---- a/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
-+++ b/linux_os/guide/services/cron_and_at/package_cron_installed/rule.yml
-@@ -1,4 +1,4 @@
--{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "rhel10", "sle12", "sle15"] %}}
-+{{% if product in [ "ol9", "ol10", "rhel8", "rhel9", "rhel10", "almalinux10", "sle12", "sle15"] %}}
- {{% set package_name = "cronie" %}}
- {{% else %}}
- {{% set package_name = "cron" %}}
-diff --git a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
-index d54589c84..883befbc6 100644
---- a/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
-+++ b/linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml
-@@ -1,4 +1,4 @@
--{{% if product in ["rhel8", "rhel9", "rhel10"] %}}
-+{{% if product in ["rhel8", "rhel9", "rhel10", "almalinux10"] %}}
- {{% set service_name = "crond" %}}
- {{% else %}}
- {{% set service_name = "cron" %}}
-diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
-index 59218a0ea..daba64fed 100644
---- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
-+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
-index 43e16c187..b2af04b32 100644
---- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
-+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_debian
- 
- {{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}}
- 
-diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
-index 4963780f8..c3bc5b0de 100644
---- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
-+++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_pool_missing.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = chrony
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_package_remove("ntp") }}}
- 
-diff --git a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
-index fdfe38968..92a468e1e 100644
---- a/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
-+++ b/linux_os/guide/services/ntp/chrony_set_nts/tests/chrony_d_one_server_missing.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = chrony
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_package_remove("ntp") }}}
- 
-diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
-index c435df983..b80ffbf7b 100644
---- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
-index c435df983..b80ffbf7b 100644
---- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
-index c435df983..b80ffbf7b 100644
---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
-index a7d291916..c1802d791 100644
---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
-+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_pool_misconfigured.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- # packages = chrony
- # variables = var_time_service_set_maxpoll=16
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_package_remove("ntp") }}}
- 
-diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
-index f6da9d51f..2eeff701b 100644
---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
-+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_d_one_server_misconfigured.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- # packages = chrony
- # variables = var_time_service_set_maxpoll=16
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_package_remove("ntp") }}}
- 
-diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
-index c435df983..b80ffbf7b 100644
---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
-index c435df983..b80ffbf7b 100644
---- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-index aabc4380f..d41090da7 100644
---- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-+++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
-@@ -45,7 +45,7 @@ warnings:
-       Consequently, the rngd service can't be started in FIPS mode.
- {{% endif %}}
- 
--{{% if product in ["fedora", "ol9", "ol10", "rhel9", "rhel10"] %}}
-+{{% if product in ["fedora", "ol9", "ol10", "rhel9", "rhel10", "almalinux10"] %}}
- platform: not runtime_kernel_fips_enabled
- warnings:
-   - general: |-
-diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
-index a10c4daa1..bfb3121f4 100644
---- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
-+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
-index 9e1f01f53..d7d4c2651 100644
---- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
-+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- ######################################################################
- #By Luke "Brisk-OH" Brisk
- #luke.brisk@boeing.com or luke.brisk@gmail.com
-diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
-index 2ea6b4821..e9398b913 100644
---- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
-+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
-index c54b259d0..78a682cc8 100644
---- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
-+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel
-+# platform = debian 11,debian 10,multi_platform_fedora,Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
- 
- {{{ bash_instantiate_variables("var_snmpd_ro_string", "var_snmpd_rw_string") }}}
- 
-diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
-index ecc0d0386..c89a8a845 100644
---- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
-+++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- metadata:
-diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
-index ae9b6ceb6..a7e47b156 100644
---- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
-+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ospp
- 
- mkdir -p /etc/ssh/sshd_config.d
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-index aed45dc46..193d88a51 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
-@@ -19,7 +19,7 @@ description: |-
-     Also add or update "pam_sss.so" line in auth section of "/etc/pam.d/smartcard-auth" file to
-     include the "allow_missing_name" option, like in the following example:
-     <pre>/etc/pam.d/smartcard-auth:auth sufficient pam_sss.so allow_missing_name</pre>
--    {{% elif product in ["rhel10"] %}}.
-+    {{% elif product in ["rhel10", "almalinux10"] %}}.
-     Ensure you are using the sssd authselect profile with the <tt>with-smartcard</tt> feature enabled.
-     {{% endif %}}
- 
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
-index 20d721658..2a4422daf 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # remediation = none
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
-index ba800bcea..10d4d2975 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
-index afd575dd8..a76a1a423 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
-index 05ecf8a8a..654864a62 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_conf_d.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/conf.d/unused.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
-index 9758d9bda..998600da6 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
-index eb58f3dcf..4e4cc0fa0 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
-index 262abd276..c6f2babd7 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false_conf_d.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/conf.d/unused.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
-index d3fc7375f..2c189f569 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- echo "[pam]" > $SSSD_FILE
-diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
-index 456f06484..e6fb4c857 100644
---- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
-+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,sssd
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- SSSD_FILE="/etc/sssd/sssd.conf"
- rm -f $SSSD_FILE
-diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
-index 780c4d1a5..ccec13d45 100644
---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
-+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- systemctl set-default multi-user.target
-diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
-index fd3c4a48d..c79a3a43f 100644
---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
-+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/correct_target_under_lib.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- 
- ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
-diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
-index 5ffb26956..f1af96866 100644
---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
-+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target.fail.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
- 
- systemctl set-default graphical.target
-diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
-index 99a85d26d..33cdca2f3 100644
---- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
-+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/tests/wrong_target_under_lib.fail.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
-+# platform = multi_platform_ol,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
- 
- ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
-diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
-index c2feb1fbc..116c6cde5 100644
---- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- metadata:
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
-index 1dd9f4512..4c8892f4a 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ncp
- # packages = dconf,gdm
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-index 6ff96441a..6966391a2 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_stig
- # packages = dconf,gdm
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
-index 9969fcc6f..ac6e95eda 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/correct_value_stig_wrong_db.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_stig
- # packages = dconf,gdm
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
-index c316d7c8f..e942b3ef2 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/missing_value_stig.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_stig
- # packages = dconf,gdm
- 
-diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
-index 7c7d4c073..51c6c97a8 100644
---- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/tests/wrong_value_stig.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_stig
- # packages = dconf,gdm
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
-index e514c5aae..2e2be1afc 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- authselect create-profile test_profile -b sssd
- authselect select "custom/test_profile" --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
-index 6cc976f24..fc1e0791c 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- authselect create-profile test_profile -b sssd
- authselect select "custom/test_profile" --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
-index e514c5aae..2e2be1afc 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- authselect create-profile test_profile -b sssd
- authselect select "custom/test_profile" --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
-index 6cc976f24..fc1e0791c 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- authselect create-profile test_profile -b sssd
- authselect select "custom/test_profile" --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
-index dd32200e4..0d1592798 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- remember_cnt=5
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
-index c4e304ec1..034f7839f 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- remember_cnt=5
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
-index 52e4f15c7..112c068ec 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- remember_cnt=5
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
-index 1296b6744..860edc03a 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- if authselect list-features sssd | grep -q with-pwhistory; then
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
-index dfcaa146c..f18bdd223 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- if authselect list-features sssd | grep -q with-pwhistory; then
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
-index 5f4aa8251..fc8f8a9b4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
-index 24883ef0c..d32d71132 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- if authselect list-features sssd | grep -q with-pwhistory; then
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
-index 694398e7b..37ca0263c 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- remember_cnt=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
-index d9040a495..1536f7f3e 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
- 
- remember_cnt=3
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
-index 8fb16daea..6ef0ceafe 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
-index 1ef54f081..42270486d 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/bash/shared.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
- {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
-index a0ee8ece7..276673756 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_correct.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
- {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "use_authtok") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
-index c184a3062..baf8384ca 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_use_authtok/tests/rhel_wrong.fail.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "required", "pam_pwhistory.so", "remember") }}}
- {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "required", "pam_pwhistory.so", "remember") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
-index c08e3b426..0cc45b355 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
-index 9742fb75c..d3154fa77 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/bash/shared.sh
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
- {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
-index 52724ed73..276c3c6fc 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_correct.pass.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- {{{ bash_ensure_pam_module_option("/etc/pam.d/system-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
- {{{ bash_ensure_pam_module_option("/etc/pam.d/password-auth", "password", "sufficient", "pam_unix.so", "use_authtok") }}}
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
-index c07b7d56a..fbee6a5e7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_authtok/tests/rhel_wrong.fail.sh
-@@ -1,3 +1,3 @@
- #!/bin/bash
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- sed -i 's/use_authtok/remember/' /etc/pam.d/system-auth /etc/pam.d/password-auth
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-index 2ba38d0ad..bdd471cdc 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- source common.sh
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-index bcfa1a721..2cb77dd13 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- source common.sh
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
-index eef841ce5..021894a32 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
-index aa36b3be2..d116e45b7 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- pam_files=("password-auth" "system-auth")
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
-index 1d4f1f91f..acaf1f6f3 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8
- # remediation = none
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
-index 8128a072f..c28980e01 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora,Oracle Linux 8
-+# platform = multi_platform_fedora,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,Oracle Linux 8
- 
- authselect select sssd --force
- authselect enable-feature with-faillock
-diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-index ffdc55852..cf0858efd 100644
---- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_fedora,Oracle Linux 9,Oracle Linux 8,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 9,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux
- # remediation = none
- 
- authselect select sssd --force
-diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
-index e82ecb7f5..7386d3217 100644
---- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/tests/custom-package-removed.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Package libpwquality cannot be uninstalled normally
- # as it would cause removal of sudo package which is
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-index a13c434ec..a03d90c41 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
-@@ -8,7 +8,7 @@ description: |-
-     Edit the <tt>password</tt> section in
-     <tt>/etc/pam.d/password-auth</tt> to show
-     <tt>password    requisite                                    pam_pwquality.so</tt>.
--    {{% if product in ["fedora", "rhel10"] %}}
-+    {{% if product in ["fedora", "rhel10", "almalinux10"] %}}
-     The <tt>pam_pwquality</tt> module should be enabled using the <tt>authselect</tt> tool.
-     By default, <tt>authselect</tt> always configures <tt>pam_pwquality local_users_only</tt> as a part of <tt>local</tt>, <tt>sssd</tt>, and <tt>winbind</tt> profiles.
-     No additional authselect feature is needed to be enabled.
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-index 1dd65c3f4..aecb405b5 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
-@@ -8,7 +8,7 @@ description: |-
-     Edit the <tt>password</tt> section in
-     <tt>/etc/pam.d/system-auth</tt> to show
-     <tt>password    requisite                                    pam_pwquality.so</tt>.
--    {{% if product in ["fedora", "rhel10"] %}}
-+    {{% if product in ["fedora", "rhel10", "almalinux10"] %}}
-     The <tt>pam_pwquality</tt> module should be enabled using the <tt>authselect</tt> tool.
-     By default, <tt>authselect</tt> always configures <tt>pam_pwquality local_users_only</tt> as a part of <tt>local</tt>, <tt>sssd</tt>, and <tt>winbind</tt> profiles.
-     No additional authselect feature is needed to be enabled.
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-index a151577a5..2f21c2359 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
-index 36ddc1d94..8ec3d927a 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_conflicting_values.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-index d65976fa1..65914eaef 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
-index 39f98ec3f..06837bd37 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
-index d2a2dc2d0..026cc0501 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_duplicate_values.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
-index 2bd6c06a5..97a5f3e66 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-index 459ae7843..86e7dec6d 100644
---- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_retry=3
- 
- source common.sh
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
-index ee1213c2d..c2aca7ae1 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
-index 8d6be38f4..ce2bcce19 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_incorrect_option.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
-index 13f217f02..efb422075 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
-index 5632949e2..fbfe8a0a4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- # remediation = none
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
-index 7f6ff9a97..581c81c47 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_multiple_options.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
-index 10a02eb86..77029c277 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
-index 264df72f1..725cd27ab 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
-index c5e65c44e..8d606b5ea 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_incorrect_option.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
-index c61e9828d..652f95adb 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
-index 6499ed205..c94da4ca0 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- # remediation = none
- 
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
-index 6b5b5767a..01fafdbb9 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_multiple_options.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
-index a1a9ec1ec..c273c78f4 100644
---- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # variables = var_password_hashing_algorithm_pam=sha512
- 
- authselect create-profile hardening -b sssd
-diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
-index 3045574e5..7ce6bb466 100644
---- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
-index 517c83c6e..041e9a29c 100644
---- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
-index ed94337e6..318ed9da3 100644
---- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/masked.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
- 
- systemctl disable --now ctrl-alt-del.target
- systemctl mask --now ctrl-alt-del.target
-diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
-index 3e37419e8..029e44c9d 100644
---- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/tests/not_masked.fail.sh
-@@ -1,4 +1,4 @@
- #!/bin/bash
--# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
-+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
- 
- systemctl unmask ctrl-alt-del.target
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
-index 31c41fba2..c1729abbc 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value_dropin.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- rm -f /etc/systemd/system/emergency.service
- mkdir -p /etc/systemd/system/emergency.service.d/
- cat << EOF > /etc/systemd/system/emergency.service.d/10-automatus.conf
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
-index 8fb2960e0..57568d8cb 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value_dropin.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro
- rm -f /etc/systemd/system/emergency.service
- mkdir -p /etc/systemd/system/emergency.service.d/
- cat << EOF > /etc/systemd/system/emergency.service.d/10-oscap.conf
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
-index c15034231..01fbc0695 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_dropin.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- rm -rf /etc/systemd/system/rescue.service.d
- mkdir -p /etc/systemd/system/rescue.service.d
- cat << EOF > /etc/systemd/system/rescue.service.d/10-automatus.conf
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
-index f735f3270..027fbbe3d 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
- 
- service_file="/usr/lib/systemd/system/rescue.service"
- sulogin="/usr/lib/systemd/systemd-sulogin-shell"
-diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
-index 01701eefb..a3b846c14 100644
---- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_dropin.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
- 
- rm -rf /etc/systemd/system/rescue.service.d
- mkdir -p /etc/systemd/system/rescue.service.d
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
-index 75395cf61..1dcee69f3 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
-index f47326940..42d591752 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = configure
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
-index 6eb24c8ef..718f8cb2e 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
-index 0b31379f0..778d63d74 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/alternative_value.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- echo 'bind W lock-session' >> '/etc/tmux.conf'
- chmod 0644 "/etc/tmux.conf"
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
-index e38203195..55a8aff57 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/correct.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = tmux
- 
- echo 'bind X lock-session' >> '/etc/tmux.conf'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
-index 45458b6f2..87e6ded51 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/file_empty.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = tmux
- 
- echo > '/etc/tmux.conf'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
-index 93ed8cbf4..bff755146 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/line_commented.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = tmux
- 
- echo '# bind X lock-session' >> '/etc/tmux.conf'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
-index da006625e..8e02e36e8 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_keybinding/tests/wrong_permissions.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = tmux
- 
- echo 'bind X lock-session' >> '/etc/tmux.conf'
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
-index 6b2d6cd5e..c20712c9f 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
-index 2cbb501f6..27700c4b4 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
-index 8d59d36d3..526165afe 100644
---- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
- # packages = openssl-pkcs11,libpam-pkcs11
- 
- if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
-index ebcb5ac04..674369a42 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
-index 7bdb759f6..dd157f1e3 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_root/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_debian
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_debian
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
-index db6c94724..57535bb74 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # remediation = none
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
-index c05d6d2c2..5b132cfb6 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
- 
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
-index c8ab00326..a6a41bb08 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
- 
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
-index 5e2919e78..c22311899 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_root_gid_zero/tests/other_user_gid_0.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # remediation = none
- 
- useradd --gid 0 root2
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
-index 8469f530b..83ecdd81a 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_fedora
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
-index ab0e591f1..605e5d2b0 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian,multi_platform_fedora
- 
- {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
- 
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
-index 8f87bf06e..6bed5ef5a 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
-index 6d79f4e9d..b57b787a8 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
-index 35df572f9..548a5aee6 100644
---- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian
- {{{ bash_instantiate_variables("var_pam_wheel_group_for_su") }}}
- 
- PAM_CONF=/etc/pam.d/su
-diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
-index 4d08bb696..febed69bb 100644
---- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
-index 12a861bb1..d16d24b51 100644
---- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
-+++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh
-index ceac5e3ff..6b9ed3049 100644
---- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh
-+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_bash_history/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel
-+# platform = multi_platform_sle,multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh
-index 663a3282c..07e271999 100644
---- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh
-+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/tests/invalid_username.fail.sh
-@@ -1,7 +1,7 @@
- #!/bin/bash
- 
- # remediation = none
--# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,multi_platform_ubuntu,multi_platform_sle,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu,multi_platform_sle,multi_platform_fedora
- 
- . $SHARED/grub2.sh
- 
-diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
-index 892523fc4..9fbba1ccb 100644
---- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
-+++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml
-index 907b69cc3..bc2426c0c 100644
---- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml
-+++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/oval/shared.xml
-@@ -11,7 +11,7 @@
-       test_ref="test_logrotate_conf_no_other_keyword" />
-       <criteria comment="Check if either logrotate timer or cron job is enabled" operator="OR">
-         <criterion comment="Check if /etc/cron.daily/logrotate file exists (and calls logrotate)" test_ref="test_cron_daily_logrotate_existence" />
--{{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "sle12", "sle15", "slmicro5"] %}}
-+{{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "almalinux10", "sle12", "sle15", "slmicro5"] %}}
-         <criterion comment="Check if logrotate timer is enabled" test_ref="test_logrotate_enabled_systemd_target" />
- {{% endif %}}
-       </criteria>
-@@ -54,7 +54,7 @@
-     <ind:instance datatype="int">1</ind:instance>
-   </ind:textfilecontent54_object>
- 
--  {{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "sle12", "sle15", "slmicro5"] %}}
-+  {{% if product in ["ol9", "rhcos4", "rhel9", "rhel10", "almalinux10", "sle12", "sle15", "slmicro5"] %}}
-   <unix:file_test check="all" check_existence="all_exist"
-    comment="look for logrotate.timer in multi-user.target.wants and timers.target.wants"
-    id="test_logrotate_enabled_systemd_target" version="1">
-diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
-index 18d73bb72..231c48285 100644
---- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
-+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # check-import = stdout
- 
- result=$XCCDF_RESULT_PASS
-diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
-index b2a8e350c..e97d0f4a5 100644
---- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
-+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # check-import = stdout
- 
- result=$XCCDF_RESULT_PASS
-diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
-index cfb1cd690..a89ef4dcc 100644
---- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
-+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel8.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- mkdir -p "/etc"
- filepath="/etc/os-release"
-diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
-index 52c2500cb..702369f66 100644
---- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
-+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.2.notapplicable.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- mkdir -p "/etc"
- filepath="/etc/os-release"
-diff --git a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
-index 207bfac32..f5e12fe63 100644
---- a/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
-+++ b/linux_os/guide/system/network/network-iptables/package_iptables_installed/tests/rhel9.notapplicable.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- 
- mkdir -p "/etc"
- filepath="/etc/os-release"
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
-index 87306fedb..88e2884bc 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
-index 8792fc668..2c7c4b025 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
-index e222b1c88..85b92ce90 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
-index 4ed2c480c..f59b6d7c3 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
-index 845b013ed..063776b85 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
-index e2951d845..0335df123 100644
---- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
-index 6bb6de134..1f0664a02 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
-index b3d72bb4a..b89b8a35a 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
-index 70e767cc4..fbe1a27a2 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
-index c64da37a3..08535e5a1 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
-index 8b075d55e..0dd17a34b 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
-index 2bfbd9e46..8ea37100a 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
-index aa7d1562b..08668d03c 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
-index 3a60ab17c..728ddb817 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
-index b6e53de36..0b652c7cf 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
-index aeb67c4e0..f47a8ab67 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
-index 52d74441b..08c8c256d 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
-index 9e3a85af9..d4f4d31cb 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
-index 0c8dae788..a26df0c5a 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
-index ea1db12fe..5d8b19f68 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
-index b54e3d12b..125464d7a 100644
---- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
-+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
-index 89d344c4f..1a926adaa 100644
---- a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
-+++ b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # check-import = stdout
- 
- tbl_output=$(nft list tables | grep inet)
-diff --git a/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh b/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
-index 2dc3f4431..24c971141 100644
---- a/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
-+++ b/linux_os/guide/system/network/network_nmcli_permissions/tests/missing_compat_package.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- # packages = polkit
--# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10,AlmaLinux OS 10
- # This TS is a regression test for https://issues.redhat.com/browse/RHEL-87606
- dnf remove -y --noautoremove polkit-pkla-compat
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
-index 0eee598bf..c3aa51320 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- {{{ find_directories(find_parameters="\( -perm -0002 -a ! -perm -1000 \)", fail_message="Found directories with writable sticky bits") }}}
-diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
-index facc0ad8d..f19540f78 100644
---- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- {{{ find_directories(find_parameters="-perm -0002 -uid +"~uid_min, fail_message="Found world-writable directories that are not owned by a system account") }}}
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
-index a6fb2064a..4d8f7030f 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-perm -2000", fail_message="Found SGID executables that are unauthorized", skip_rpm_owned_files=True) }}}
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
-index d7bb76269..08156544b 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-perm -4000", fail_message="Found SUID executables that are unauthorized", skip_rpm_owned_files=True) }}}
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
-index bca90c8ba..4ed275284 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-perm -002", fail_message="Found world-writable files") }}}
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
-index c6b866ea6..392196483 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/tests/world_writable_tmp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- 
- find / -xdev -type f -perm -002 -exec chmod o-w {} \;
- 
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
-index 02e5cd08e..104d1371a 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-nogroup", fail_message="Found ungroupowned files", exclude_directories="sysroot") }}}
-diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
-index 44f6c84dd..b37b68810 100644
---- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
-+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/tests/unowned_file_tmp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # remediation = none
- 
- mount tmpfs /tmp -t tmpfs
-diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
-index 12f46c0b1..cf3e7428c 100644
---- a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel,Ubuntu 24.04
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Ubuntu 24.04
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-nogroup", fail_message="Found ungroupowned files or directories", exclude_directories="sysroot") }}}
-diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
-index ef64cf6aa..2e5220217 100644
---- a/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_ungroupowned/tests/unowned_file_tmp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # remediation = none
- 
- touch /tmp/test
-diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
-index 5c2dda5f9..68877027e 100644
---- a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-nouser", fail_message="Found unowned files or directories") }}}
-diff --git a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
-index c1d6cd0fb..78faa5993 100644
---- a/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_or_dirs_unowned_by_user/tests/unowned_file_tmp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # remediation = none
- 
- touch /tmp/test
-diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
-index 982caa000..5fcb2cf41 100644
---- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # check-import = stdout
- 
- {{{ find_files(find_parameters="-nouser", fail_message="Found unowned files") }}}
-diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
-index c1b6d3e79..8109c5d55 100644
---- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
-+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/tests/unowned_file_tmp.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ubuntu
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # remediation = none
- 
- mount tmpfs /tmp -t tmpfs
-diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
-index 29ec8f733..1e3d5130e 100644
---- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
-+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
-index 83c283c8c..188870908 100644
---- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_etc_security_opasswd/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_slmicro,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Create /etc/security/opasswd if needed
- # Owner group mode root.root 0600
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-index 64c5cc680..8c4537502 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
- 
- for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
- do
-diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-index 651297f9e..7c4db56db 100644
---- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
-+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu,multi_platform_ol
- 
- groupadd group_test
- {{% if 'ol8' in product or 'rhel' in product %}}
-diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
-index b0d594003..4a71eccda 100644
---- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
-index 5ce0decba..b7a4243e4 100644
---- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
-index 59e39270d..5c154d333 100644
---- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
-+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Delete particular /etc/fstab's row if /var/tmp is already configured to
- # represent a mount point (for some device or filesystem other than /tmp)
-diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
-index d94802273..554e34e00 100644
---- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
-index d94802273..554e34e00 100644
---- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
-index 41cbd1197..481afa583 100644
---- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
-index 415b0486d..02b1e991a 100644
---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
-index 7a4c107b2..22e209120 100644
---- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
-index 88c683445..fa9b2020d 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-index a15c44348..9ed957ad9 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
-@@ -12,7 +12,7 @@ rationale: |-
- 
- severity: medium
- 
--{{% if product in ["rhel9", "rhel10"] %}}
-+{{% if product in ["rhel9", "rhel10", "almalinux10"] %}}
- conflicts:
-     - sysctl_kernel_core_pattern_empty_string
- {{% endif %}}
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
-index 36e025cc3..e97acde11 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
-index 505b3c12b..cdf18e6dd 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
-index 0541e59a7..50020c28c 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
-index 2e24d9211..7b706bb32 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
-index c9de45e02..d4a930ddb 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
-index 77ebd1e1d..48b035c6a 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
-index 99fb0ec06..0ca16d69a 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
-index ec71c16c9..ce38e3a6e 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10
- 
- # Clean sysctl config directories
- rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
-index ceafd4839..7006e2066 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
-index 7519b7740..af6c30abd 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
-index fdd4fb83e..3274d5b36 100644
---- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
-+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- apiVersion: machineconfiguration.openshift.io/v1
- kind: MachineConfig
- spec:
-diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
-index 9558acad7..52cc0a789 100644
---- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
-+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Package libselinux cannot be uninstalled normally
- # as it would cause removal of sudo package which is
-diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-index a028877c1..fd4e433c1 100644
---- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
-@@ -4,7 +4,7 @@
-         The operating system installed on the system is supported by a vendor that provides security patches.
-       ", rule_title=rule_title) }}}
-     <criteria comment="Installed operating system is supported by a vendor" operator="OR">
--      <extend_definition comment="Installed OS is ALMALINUX9" definition_ref="installed_OS_is_almalinux9" />
-+      <extend_definition comment="Installed OS is ALMALINUX10" definition_ref="installed_OS_is_almalinux10" />
-       <extend_definition comment="Installed OS is RHEL8" definition_ref="installed_OS_is_rhel8" />
-       <extend_definition comment="Installed OS is RHEL9" definition_ref="installed_OS_is_rhel9" />
-       <extend_definition comment="Installed OS is RHEL10" definition_ref="installed_OS_is_rhel10" />
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
-index dd096ab41..b180ed3b3 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
- # reboot = true
- # strategy = restrict
- # complexity = low
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-index fc2a50a39..5216b9c9b 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = crypto-policies-scripts
- 
- # IMPORTANT: This is a false negative scenario.
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-index 4414dbb23..5d20befa2 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # packages = crypto-policies-scripts
- 
- update-crypto-policies --set "DEFAULT"
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-index 713b3a918..9e85563e9 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ospp
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
-index d335cd229..29fba75a9 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
-index 3c2d65e3c..27bee6e43 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-index 2f734ca0c..b1d3a9e5c 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ospp
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-index f4f88117f..831b56393 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ospp
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
-index bb2cf5405..ad2c135cc 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # profiles = xccdf_org.ssgproject.content_profile_standard
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-index 7dc906f73..f51b7ef62 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_fedora
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # profiles = xccdf_org.ssgproject.content_profile_ospp
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
-index 169e6773c..ab47972de 100644
---- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
-+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
- # packages = crypto-policies-scripts
- 
-diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
-index d0a400adf..1f0cf1317 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
-+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = crypto-policies-scripts
--# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
- {{% if 'rhel' in product %}}
- # remediation = none
- {{% endif %}}
-diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
-index b92e82236..138d2c997 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
-+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = crypto-policies-scripts
--# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
-+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
- 
- fips-mode-setup --enable
- FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
-diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-index 4bfb5f6cc..79b3e5420 100644
---- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
-@@ -119,7 +119,7 @@
-   <ind:variable_state id="ste_system_crypto_policy_value" version="2"
-     comment="variable value is set to 'FIPS' or 'FIPS:modifier', where the modifier corresponds
- to a crypto policy module that further restricts the modified crypto policy.">
--  {{% if product in ["ol9","rhel9","rhel10","fedora"] -%}}
-+  {{% if product in ["ol9","rhel9","rhel10", "almalinux10","fedora"] -%}}
-     <ind:value operation="pattern match" datatype="string">^FIPS(:(OSPP|STIG))?$</ind:value>
-   {{%- else %}}
-   {{# Legacy and more relaxed list of crypto policies that were historically considered
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
-index df1317b6b..b3c62cf8c 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- readarray -t FILES_WITH_INCORRECT_HASHES < <(rpm -Va --noconfig | grep -E '^..5' | awk '{print $NF}' )
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh
-index 30e53fd4c..88bbc9f5a 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- readarray -t FILES_WITH_INCORRECT_OWNERSHIP < <(rpm -Va --nofiledigest | awk '{ if (substr($0,6,1)=="U" || substr($0,7,1)=="G") print $NF }')
-diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh
-index a2cee384f..5c01dd1d6 100644
---- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh
-+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/sce/shared.sh
-@@ -1,5 +1,5 @@
- #!/usr/bin/env bash
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # check-import = stdout
- 
- readarray -t FILES_WITH_INCORRECT_PERMS < <(rpm -Va --nofiledigest | awk '{ if (substr($0,2,1)=="M") print $NF }')
-diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh
-index f8b112e1a..33a266be6 100644
---- a/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh
-+++ b/linux_os/guide/system/software/sudo/package_sudo_installed/tests/custom-package-removed.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- # Package libselinux cannot be uninstalled normally
- # as it would cause removal of sudo package which is
-diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
-index e43ee7994..8b41b5d93 100644
---- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Oracle Linux 8
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
-index 1c68a6ec3..fa8f50b84 100644
---- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_sle,Oracle Linux 8
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Oracle Linux 8
- # reboot = false
- # strategy = unknown
- # complexity = low
-diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
-index 015c5b029..508241c9f 100644
---- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/ansible/shared.yml
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # reboot = false
- # strategy = enable
- # complexity = low
-diff --git a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
-index eb390cd1f..ac318fa9a 100644
---- a/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/enable_gpgcheck_for_all_repositories/bash/shared.sh
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- function replace_all_gpgcheck {
-     sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
-diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
-index add0cd7dd..1cf05952d 100644
---- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
-+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
-@@ -13,7 +13,7 @@
- 
- - name: Read signatures in GPG key
-   # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10
--  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
-+  ansible.builtin.command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10"
-   changed_when: False
-   register: gpg_fingerprints
-   check_mode: no
-@@ -30,9 +30,9 @@
- - name: Import AlmaLinux GPG key
-   ansible.builtin.rpm_key:
-     state: present
--    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
-+    key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
-   when:
-    - gpg_key_directory_permission.stat.mode <= '0755'
-    - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0
-    - gpg_installed_fingerprints | length > 0
--   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "9"
-+   - ansible_distribution == "AlmaLinux" and ansible_distribution_version == "10"
-diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
-index f78a6fb82..10b7819c4 100644
---- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
-+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
-@@ -2,7 +2,7 @@
- readonly ALMALINUX_RELEASE_FINGERPRINT="{{{ release_key_fingerprint }}}"
- 
- # Location of the key we would like to import (once it's integrity verified)
--readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
-+readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10"
- 
- RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
- 
-diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-index e9c73de58..c60a1b027 100644
---- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
-@@ -8,7 +8,7 @@ description: |-
-     come from AlmaLinux (and to connect to the AlmaLinux repositories to 
-     receive them), the AlmaLinux GPG key must be properly installed. To install 
-     the AlmaLinux GPG key, run:
--    <pre>$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9</pre>
-+    <pre>$ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10</pre>
- 
- rationale: |-
-     Changes to software components can have significant effects on the overall
-@@ -41,8 +41,8 @@ ocil: |-
-     To ensure that the GPG key is installed, run:
-     <pre>$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey</pre>
-     The command should return the string below:
--    <pre>AlmaLinux OS 9 &lt;packager@almalinux.org&gt; public key</pre>
-+    <pre>AlmaLinux OS 10 &lt;packager@almalinux.org&gt; public key</pre>
- 
- fixtext: |-
-     Install {{{ full_name }}} GPG key. Run the following command:
--    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
-+    $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
-diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
-index 87b82cb01..ba588f308 100644
---- a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
-+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/tests/key_installed.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
- #
--# platform = AlmaLinux OS 9
-+# platform = AlmaLinux OS 10
- 
--rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
-+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
-diff --git a/products/almalinux10/CMakeLists.txt b/products/almalinux10/CMakeLists.txt
-new file mode 100644
-index 000000000..1284434a2
---- /dev/null
-+++ b/products/almalinux10/CMakeLists.txt
-@@ -0,0 +1,26 @@
-+# Sometimes our users will try to do: "cd almalinux10; cmake ." That needs to error in a nice way.
-+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
-+    message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
-+endif()
-+
-+set(PRODUCT "almalinux10")
-+
-+ssg_build_product(${PRODUCT})
-+
-+ssg_build_html_cce_table(${PRODUCT})
-+
-+ssg_build_html_srgmap_tables(${PRODUCT})
-+
-+if(SSG_SRG_XLSX_EXPORT)
-+    ssg_build_xlsx_srg_export(${PRODUCT} "srg_gpos")
-+endif()
-+
-+#ssg_build_html_stig_tables(${PRODUCT})
-+#ssg_build_html_stig_tables_per_profile(${PRODUCT} "stig")
-+#ssg_build_html_stig_tables_per_profile(${PRODUCT} "stig_gui")
-+
-+#ssg_build_html_stig_tables(${PRODUCT} "ospp")
-+
-+if(SSG_CENTOS_DERIVATIVES_ENABLED)
-+    ssg_build_derivative_product(${PRODUCT} "centos" "cs10")
-+endif()
-diff --git a/products/almalinux10/overlays/srg_support.xml b/products/almalinux10/overlays/srg_support.xml
-new file mode 100644
-index 000000000..6e0a0ab8c
---- /dev/null
-+++ b/products/almalinux10/overlays/srg_support.xml
-@@ -0,0 +1,173 @@
-+<Group id="srg_support" hidden="true">
-+<title>Documentation to Support DISA OS SRG Mapping</title>
-+<description>These groups exist to document how the AlmaLinux OS
-+product meets (or does not meet) requirements listed in the DISA OS SRG, for
-+those cases where Groups or Rules elsewhere in scap-security-guide do
-+not clearly relate.
-+</description>
-+
-+
-+<!-- The CCI/SRG items referenced here are:
-+     - satisfied (through design and implementation)
-+     - selected in DoD baseline (per CNSS 1253) -->
-+<Rule id="met_inherently_generic">
-+<title>Product Meets this Requirement</title>
-+<rationale>
-+AlmaLinux OS meets this requirement through design and implementation.
-+</rationale>
-+<ocil>AlmaLinux OS 10 supports this requirement and cannot be configured to be out of
-+compliance. This is a permanent not a finding.
-+</ocil>
-+<description>
-+This requirement is a permanent not a finding. No fix is required.
-+</description>
-+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
-+          it should not have CCE association -->
-+<ref disa="15,42,56,206,1084,66,85,86,185,223,171,172,1694,770,804,162,163,164,345,346,1096,1111,1291,386,156,186,1083,1082,1090,804,1127,1128,1129,1248,1265,1314,1362,1368,1310,1311,1328,1399,1400,1404,1405,1427,1499,1632,1693,1665,1674" />
-+</Rule>
-+
-+
-+<!-- The CCI/SRG items referenced here relate to auditing, and are:
-+     - satisfied (through design and implementation)
-+     - selected in DoD baseline (per CNSS 1253) -->
-+<Rule id="met_inherently_auditing">
-+<title>Product Meets this Requirement</title>
-+<rationale>
-+The AlmaLinux OS audit system meets this requirement through design and implementation.
-+</rationale>
-+<ocil>The AlmaLinux OS 10 auditing system supports this requirement and cannot be configured to be out of
-+compliance. Every audit record in AlmaLinux OS includes a timestamp, the operation attempted,
-+success or failure of the operation, the subject involved (executable/process),
-+the object involved (file/path), and security labels for the subject and object.
-+It also includes the ability to label events with custom key labels.  The auditing system
-+centralizes the recording of audit events for the entire system and includes
-+reduction (<tt>ausearch</tt>), reporting (<tt>aureport</tt>), and real-time
-+response (<tt>audispd</tt>) facilities.
-+This is a permanent not a finding.
-+</ocil>
-+<description>
-+This requirement is a permanent not a finding. No fix is required.
-+</description>
-+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
-+          it should not have CCE association -->
-+<ref disa="130,157,131,132,133,134,135,159,174" />
-+</Rule>
-+
-+
-+<!-- The CCI/SRG item referenced here are:
-+     - satisfied (through design and implementation)
-+     - not selected in a DoD baseline -->
-+<Rule id="met_inherently_nonselected">
-+<title>Product Meets this Requirement</title>
-+<rationale>
-+AlmaLinux OS meets this requirement through design and implementation.
-+</rationale>
-+<ocil>AlmaLinux OS 10 supports this requirement and cannot be configured to be out of
-+compliance. This is a permanent not a finding.
-+</ocil>
-+<description>
-+This requirement is a permanent not a finding. No fix is required.
-+</description>
-+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
-+          it should not have CCE association -->
-+<ref disa="34,35,99,154,226,802,872,1086,1087,1089,1091,1424,1426,1428,1209,1214,1237,1269,1338,1425,1670" />
-+</Rule>
-+
-+
-+<!-- The CCI/SRG item listed here are:
-+     - satisfied (by Rules in the guidance, which include the reference)
-+     - not selected in DoD baseline -->
-+<!-- disa="26,32,771,772,831,884,888,1095,1115,1117,1250,1348,1353,1464,1496" -->
-+
-+
-+<!-- The CCI/SRG item referenced here are:
-+     - not satisfied
-+     - not selected in a DoD baseline
-+     - considered out of scope -->
-+<Rule id="unmet_nonfinding_nonselected_scope">
-+<title>Guidance Does Not Meet this Requirement Due to Impracticality or Scope</title>
-+<rationale>
-+The guidance does not meet this requirement.
-+The requirement is impractical or out of scope.
-+</rationale>
-+<ocil>
-+AlmaLinux OS 10 cannot support this requirement without assistance from an external
-+application, policy, or service. This requirement is NA.
-+</ocil>
-+<description>
-+This requirement is NA. No fix is required.
-+</description>
-+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
-+          it should not have CCE association -->
-+<ref disa="21,25,28,29,30,165,221,354,553,779,780,781,1009,1094,1123,1124,1125,1132,1135,1140,1141,1142,1143,1145,1147,1148,1166,1339,1340,1341,1350,1356,1373,1374,1383,1391,1392,1395,1662" />
-+</Rule>
-+
-+
-+<!-- The CCI/SRG items referenced here are:
-+     - not satisfied
-+     - not selected in a DoD baseline
-+     - considered permanent findings -->
-+<Rule id="unmet_finding_nonselected">
-+<title>Implementation of the Requirement is Not Supported</title>
-+<rationale>
-+AlmaLinux OS 10 does not support this requirement.
-+</rationale>
-+<ocil>
-+This is a permanent finding.
-+</ocil>
-+<description>
-+This requirement is a permanent finding and cannot be fixed. An appropriate
-+mitigation for the system must be implemented but this finding cannot be
-+considered fixed.
-+</description>
-+<ref disa="20,31,52,144,1158,1294,1295,1500" />
-+<!-- Note: CCI 52 supported for text login, but not graphical -->
-+</Rule>
-+
-+
-+<!-- The CCI/SRG items referenced here are:
-+     - not satisfied
-+     - selected in a DoD baseline
-+     - considered NA -->
-+<Rule id="unmet_nonfinding_scope">
-+<title>Guidance Does Not Meet this Requirement Due to Impracticality or Scope</title>
-+<rationale>
-+The guidance does not meet this requirement.
-+The requirement is impractical or out of scope.
-+</rationale>
-+<ocil>
-+AlmaLinux OS 10 cannot support this requirement without assistance from an external
-+application, policy, or service. This requirement is NA.
-+</ocil>
-+<description>
-+This requirement is NA. No fix is required.
-+</description>
-+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
-+     it should not have CCE association -->
-+<ref disa="27,218,219,371,372,535,537,539,1682,370,37,24,1112,1126,1143,1149,1157,1159,1210,1211,1274,1372,1376,1377,1352,1401,1555,1556,1150" />
-+</Rule>
-+
-+<Rule id="update_process">
-+<title>A process for prompt installation of OS updates must exist.</title>
-+<rationale>
-+This is a manual inquiry about update procedure.
-+</rationale>
-+<ocil>
-+Ask an administrator if a process exists to promptly and automatically apply OS
-+software updates.  If such a process does not exist, this is a finding.
-+<br /><br />
-+If the OS update process limits automatic updates of software packages, where
-+such updates would impede normal system operation, to scheduled maintenance
-+windows, but still within IAVM-dictated timeframes, this is not a finding.
-+</ocil>
-+<description>
-+Procedures to promptly apply software updates must be established and
-+executed. The AlmaLinux operating system provides support for automating such a
-+process, by running the yum program through a cron job or by managing the
-+system and its packages through the Foreman.
-+</description>
-+<ref disa="1232" />
-+<!-- Note: This is a process, as such, will not receive a CCE -->
-+</Rule>
-+
-+</Group>
-diff --git a/products/almalinux10/product.yml b/products/almalinux10/product.yml
-new file mode 100644
-index 000000000..a428a42ec
---- /dev/null
-+++ b/products/almalinux10/product.yml
-@@ -0,0 +1,54 @@
-+product: almalinux10
-+full_name: AlmaLinux OS 10
-+type: platform
-+
-+families:
-+  - rhel
-+  - rhel-like
-+
-+major_version_ordinal: 10
-+
-+benchmark_id: ALMALINUX-10
-+benchmark_root: "../../linux_os/guide"
-+components_root: "../../components"
-+
-+profiles_root: "./profiles"
-+
-+pkg_manager: "dnf"
-+
-+init_system: "systemd"
-+
-+# EFI and non-EFI configs are stored in same path, see https://fedoraproject.org/wiki/Changes/UnifyGrubConfig
-+
-+sshd_distributed_config: "true"
-+bootable_containers_supported: "true"
-+
-+dconf_gdm_dir: "distro.d"
-+
-+faillock_path: "/var/log/faillock"
-+
-+# The fingerprints below are retrieved from https://almalinux.org/security/
-+pkg_release: "668fe8ef"
-+pkg_version: "c2a1e572"
-+
-+release_key_fingerprint: "EE6DB7B98F5BF5EDD9DA0DE5DEE5C11CC2A1E572"
-+oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-10.xml.bz2"
-+
-+cpes_root: "../../shared/applicability"
-+cpes:
-+  - almalinux10:
-+      name: "cpe:/o:almalinux:almalinux:10"
-+      title: "AlmaLinux OS 10"
-+      check_id: installed_OS_is_almalinux10
-+
-+# Mapping of CPE platform to package
-+platform_package_overrides:
-+  login_defs: "shadow-utils"
-+
-+reference_uris:
-+  cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/'
-+
-+
-+journald_conf_dir_path: /etc/systemd/journald.conf.d
-+audit_watches_style: modern
-+rsyslog_cafile: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
-diff --git a/products/almalinux10/profiles/anssi_bp28_enhanced.profile b/products/almalinux10/profiles/anssi_bp28_enhanced.profile
-new file mode 100644
-index 000000000..bf0acb490
---- /dev/null
-+++ b/products/almalinux10/profiles/anssi_bp28_enhanced.profile
-@@ -0,0 +1,92 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - marcusburghardt
-+        - vojtapolasek
-+
-+title: 'ANSSI-BP-028 (enhanced)'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+    This draft profile contains configurations that align to ANSSI-BP-028 v2.0 at the enhanced hardening level.
-+
-+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
-+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
-+
-+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
-+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
-+
-+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
-+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
-+
-+selections:
-+    - anssi:all:enhanced
-+    - var_password_hashing_algorithm_pam=yescrypt
-+    - var_authselect_profile=local
-+    # Following rules are incompatible with rhel10 product
-+    - '!enable_authselect'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    # RHEL 10 does not support 32 bit architecture
-+    - '!install_PAE_kernel_on_x86-32'
-+    # the package does not exist in RHEL 10
-+    - '!package_dracut-fips-aesni_installed'
-+    # pam_cracklib is not used in RHEL 10
-+    - '!cracklib_accounts_password_pam_lcredit'
-+    - '!cracklib_accounts_password_pam_ocredit'
-+    - '!cracklib_accounts_password_pam_ucredit'
-+    - '!cracklib_accounts_password_pam_minlen'
-+    - '!cracklib_accounts_password_pam_dcredit'
-+    # umask is configured at a different place in RHEL 10
-+    - '!sudo_add_umask'
-+    # Non-Red Hat keys are irrelevant on RHEL 10
-+    - '!ensure_oracle_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    # this rule is not automated anymore
-+    - '!security_patches_up_to_date'
-+    # There is only chrony package on RHEL 10, no ntpd
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - 'service_chronyd_enabled'
-+    # RHEL 10 unified the paths for grub2 files. These rules are selected in control file by R29.
-+    - '!file_groupowner_efi_grub2_cfg'
-+    - '!file_owner_efi_grub2_cfg'
-+    - '!file_permissions_efi_grub2_cfg'
-+    - '!file_groupowner_efi_user_cfg'
-+    - '!file_owner_efi_user_cfg'
-+    - '!file_permissions_efi_user_cfg'
-+    # RHEL 10 unified the paths for grub2 files. This rule is selected in control file by R5.
-+    - '!grub2_uefi_password'
-+    # disable R45: Enable AppArmor security profiles
-+    - '!apparmor_configured'
-+    - '!all_apparmor_profiles_enforced'
-+    - '!grub2_enable_apparmor'
-+    - '!package_apparmor_installed'
-+    - '!package_pam_apparmor_installed'
-+    # these packages do not exist in rhel10 (R62)
-+    - '!package_dhcp_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!package_sendmail_removed'
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_ypserv_removed'
-+    # RHEL 10 uses a different rule for auditing changes to selinux configuration (R73)
-+    - '!audit_rules_mac_modification'
-+    - audit_rules_mac_modification_etc_selinux
-+    # these rules are failing when they are remediated with Ansible, removing them temporarily until they are fixed
-+    - '!accounts_password_pam_retry'
-+    # These rules are being modified and they are causing trouble in their current state (R67)
-+    - '!sssd_enable_pam_services'
-+    - '!sssd_ldap_configure_tls_reqcert'
-+    - '!sssd_ldap_start_tls'
-+    # These rules are no longer relevant
-+    - '!prefer_64bit_os'
-+    - '!ldap_client_tls_cacertpath'
-+    - '!no_nis_in_nsswitch'
-+    - '!ldap_client_start_tls'
-diff --git a/products/almalinux10/profiles/anssi_bp28_high.profile b/products/almalinux10/profiles/anssi_bp28_high.profile
-new file mode 100644
-index 000000000..1f17eaa75
---- /dev/null
-+++ b/products/almalinux10/profiles/anssi_bp28_high.profile
-@@ -0,0 +1,104 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - marcusburghardt
-+        - vojtapolasek
-+
-+title: 'ANSSI-BP-028 (high)'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+    This draft profile contains configurations that align to ANSSI-BP-028 v2.0 at the high hardening level.
-+
-+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
-+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
-+
-+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
-+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
-+
-+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
-+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
-+
-+selections:
-+    - anssi:all:high
-+    - var_password_hashing_algorithm_pam=yescrypt
-+    - var_authselect_profile=local
-+    # the following rule renders UEFI systems unbootable
-+    - '!sebool_secure_mode_insmod'
-+    # Following rules are incompatible with rhel10 product
-+    - '!enable_authselect'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    # RHEL 10 does not support 32 bit architecture
-+    - '!install_PAE_kernel_on_x86-32'
-+    # this timer does not exist in RHEL 10
-+    - '!aide_periodic_checking_systemd_timer'
-+    # the package does not exist in RHEL 10
-+    - '!package_dracut-fips-aesni_installed'
-+    # pam_cracklib is not used in RHEL 10
-+    - '!cracklib_accounts_password_pam_lcredit'
-+    - '!cracklib_accounts_password_pam_ocredit'
-+    - '!cracklib_accounts_password_pam_ucredit'
-+    - '!cracklib_accounts_password_pam_minlen'
-+    - '!cracklib_accounts_password_pam_dcredit'
-+    # umask is configured at a different place in RHEL 10
-+    - '!sudo_add_umask'
-+    # Non-Red Hat keys are irrelevant on RHEL 10
-+    - '!ensure_oracle_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    # this rule is not automated anymore
-+    - '!security_patches_up_to_date'
-+    # There is only chrony package on RHEL 10, no ntpd
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - 'service_chronyd_enabled'
-+    # RHEL 10 unified the paths for grub2 files. These rules are selected in control file by R29.
-+    - '!file_groupowner_efi_grub2_cfg'
-+    - '!file_owner_efi_grub2_cfg'
-+    - '!file_permissions_efi_grub2_cfg'
-+    - '!file_groupowner_efi_user_cfg'
-+    - '!file_owner_efi_user_cfg'
-+    - '!file_permissions_efi_user_cfg'
-+    # RHEL 10 unified the paths for grub2 files. This rule is selected in control file by R5.
-+    - '!grub2_uefi_password'
-+    # disable R45: Enable AppArmor security profiles
-+    - '!apparmor_configured'
-+    - '!all_apparmor_profiles_enforced'
-+    - '!grub2_enable_apparmor'
-+    - '!package_apparmor_installed'
-+    - '!package_pam_apparmor_installed'
-+    # these packages do not exist in rhel10 (R62)
-+    - '!package_dhcp_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!package_sendmail_removed'
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_ypserv_removed'
-+    # RHEL 10 uses a different rule for auditing changes to selinux configuration (R73)
-+    - '!audit_rules_mac_modification'
-+    - audit_rules_mac_modification_etc_selinux
-+    # these rules are failing when they are remediated with Ansible, removing them temporarily until they are fixed
-+    - '!accounts_password_pam_retry'
-+    # These rules are being modified and they are causing trouble in their current state (R67)
-+    - '!sssd_enable_pam_services'
-+    - '!sssd_ldap_configure_tls_reqcert'
-+    - '!sssd_ldap_start_tls'
-+    # These rules are no longer relevant
-+    - '!prefer_64bit_os'
-+    - '!kernel_config_devkmem'
-+    - '!kernel_config_hardened_usercopy_fallback'
-+    - '!kernel_config_page_poisoning_no_sanity'
-+    - '!kernel_config_page_poisoning_zero'
-+    - '!kernel_config_page_table_isolation'
-+    - '!kernel_config_refcount_full'
-+    - '!kernel_config_retpoline'
-+    - '!kernel_config_security_writable_hooks'
-+    - '!ldap_client_tls_cacertpath'
-+    - '!no_nis_in_nsswitch'
-+    - '!ldap_client_start_tls'
-diff --git a/products/almalinux10/profiles/anssi_bp28_intermediary.profile b/products/almalinux10/profiles/anssi_bp28_intermediary.profile
-new file mode 100644
-index 000000000..4349399a5
---- /dev/null
-+++ b/products/almalinux10/profiles/anssi_bp28_intermediary.profile
-@@ -0,0 +1,67 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - marcusburghardt
-+        - vojtapolasek
-+
-+title: 'ANSSI-BP-028 (intermediary)'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+    This draft profile contains configurations that align to ANSSI-BP-028 v2.0 at the intermediary hardening level.
-+
-+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
-+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
-+
-+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
-+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
-+
-+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
-+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
-+
-+selections:
-+    - anssi:all:intermediary
-+    - '!ldap_client_tls_cacertpath'
-+    - var_password_hashing_algorithm_pam=yescrypt
-+    - var_authselect_profile=local
-+    # Following rules are incompatible with rhel10 product
-+    - '!enable_authselect'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    # pam_cracklib is not used in RHEL 10
-+    - '!cracklib_accounts_password_pam_minlen'
-+    - '!cracklib_accounts_password_pam_ucredit'
-+    - '!cracklib_accounts_password_pam_dcredit'
-+    - '!cracklib_accounts_password_pam_lcredit'
-+    - '!cracklib_accounts_password_pam_ocredit'
-+    # umask is configured at a different place in RHEL 10
-+    - '!sudo_add_umask'
-+    # Non-Red Hat keys are irrelevant on RHEL 10
-+    - '!ensure_oracle_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    # this rule is not automated anymore
-+    - '!security_patches_up_to_date'
-+    # these packages do not exist in rhel10 (R62)
-+    - '!package_dhcp_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!package_sendmail_removed'
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_ypserv_removed'
-+    # these rules are failing when they are remediated with Ansible, removing them temporarily until they are fixed
-+    - '!accounts_password_pam_retry'
-+    # These rules are being modified and they are causing trouble in their current state (R67)
-+    - '!sssd_enable_pam_services'
-+    - '!sssd_ldap_configure_tls_reqcert'
-+    - '!sssd_ldap_start_tls'
-+    # RHEL 10 unified the paths for grub2 files. This rule is selected in control file by R5.
-+    - '!grub2_uefi_password'
-+    - '!no_nis_in_nsswitch'
-+    - '!ldap_client_start_tls'
-diff --git a/products/almalinux10/profiles/anssi_bp28_minimal.profile b/products/almalinux10/profiles/anssi_bp28_minimal.profile
-new file mode 100644
-index 000000000..6d6492592
---- /dev/null
-+++ b/products/almalinux10/profiles/anssi_bp28_minimal.profile
-@@ -0,0 +1,59 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - marcusburghardt
-+        - vojtapolasek
-+
-+title: 'ANSSI-BP-028 (minimal)'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+    This draft profile contains configurations that align to ANSSI-BP-028 v2.0 at the minimal hardening level.
-+
-+    ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
-+    ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
-+
-+    A copy of the ANSSI-BP-028 can be found at the ANSSI website:
-+    https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
-+
-+    An English version of the ANSSI-BP-028 can also be found at the ANSSI website:
-+    https://cyber.gouv.fr/publications/configuration-recommendations-gnulinux-system
-+
-+selections:
-+    - anssi:all:minimal
-+    - var_password_hashing_algorithm_pam=yescrypt
-+    - var_authselect_profile=local
-+    # Following rules are incompatible with rhel10 product
-+    - '!enable_authselect'
-+    - '!ldap_client_tls_cacertpath'
-+    - '!ldap_client_start_tls'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    # pam_cracklib is not used in RHEL 10
-+    - '!cracklib_accounts_password_pam_minlen'
-+    - '!cracklib_accounts_password_pam_ucredit'
-+    - '!cracklib_accounts_password_pam_dcredit'
-+    - '!cracklib_accounts_password_pam_lcredit'
-+    - '!cracklib_accounts_password_pam_ocredit'
-+    # Non-Red Hat keys are irrelevant on RHEL 10
-+    - '!ensure_oracle_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    # this rule is not automated anymore
-+    - '!security_patches_up_to_date'
-+    # these packages do not exist in rhel10 (R62)
-+    - '!package_dhcp_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!package_sendmail_removed'
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_ypserv_removed'
-+    # these rules are failing when they are remediated with Ansible, removing then temporarily until they are fixed
-+    - '!accounts_password_pam_retry'
-+    - '!no_nis_in_nsswitch'
-diff --git a/products/almalinux10/profiles/cis.profile b/products/almalinux10/profiles/cis.profile
-new file mode 100644
-index 000000000..fe74c9b09
---- /dev/null
-+++ b/products/almalinux10/profiles/cis.profile
-@@ -0,0 +1,24 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    version: 1.0.0
-+    SMEs:
-+        - mab879
-+        - ggbecker
-+
-+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
-+
-+title: 'CIS AlmaLinux OS 10 Benchmark for Level 2 - Server'
-+
-+description: |-
-+    This profile defines a baseline that aligns to the "Level 2 - Server"
-+    configuration from the Center for Internet Security® 
-+    AlmaLinux OS 10 Benchmark™, v1.0.0, released 2025-09-30.
-+
-+    This profile includes Center for Internet Security®
-+    AlmaLinux OS 10 CIS Benchmarks™ content.
-+
-+selections:
-+    - cis_rhel10:all:l2_server
-+    - var_authselect_profile=local
-diff --git a/products/almalinux10/profiles/cis_server_l1.profile b/products/almalinux10/profiles/cis_server_l1.profile
-new file mode 100644
-index 000000000..c6aaf4e56
---- /dev/null
-+++ b/products/almalinux10/profiles/cis_server_l1.profile
-@@ -0,0 +1,24 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    version: 1.0.0
-+    SMEs:
-+        - mab879
-+        - ggbecker
-+
-+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
-+
-+title: 'CIS AlmaLinux OS 10 Benchmark for Level 1 - Server'
-+
-+description: |-
-+    This profile defines a baseline that aligns to the "Level 1 - Server"
-+    configuration from the Center for Internet Security® 
-+    AlmaLinux OS 10 Benchmark™, v1.0.0, released 2025-09-30.
-+
-+    This profile includes Center for Internet Security®
-+    AlmaLinux OS 10 CIS Benchmarks™ content.
-+
-+selections:
-+    - cis_rhel10:all:l1_server
-+    - var_authselect_profile=local
-diff --git a/products/almalinux10/profiles/cis_workstation_l1.profile b/products/almalinux10/profiles/cis_workstation_l1.profile
-new file mode 100644
-index 000000000..c5975053e
---- /dev/null
-+++ b/products/almalinux10/profiles/cis_workstation_l1.profile
-@@ -0,0 +1,24 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    version: 1.0.0
-+    SMEs:
-+        - mab879
-+        - ggbecker
-+
-+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
-+
-+title: 'CIS AlmaLinux OS 10 Benchmark for Level 1 - Workstation'
-+
-+description: |-
-+    This profile defines a baseline that aligns to the "Level 1 - Workstation"
-+    configuration from the Center for Internet Security® 
-+    AlmaLinux OS 10 Benchmark™, v1.0.0, released 2025-09-30.
-+
-+    This profile includes Center for Internet Security®
-+    AlmaLinux OS 10 CIS Benchmarks™ content.
-+
-+selections:
-+    - cis_rhel10:all:l1_workstation
-+    - var_authselect_profile=local
-diff --git a/products/almalinux10/profiles/cis_workstation_l2.profile b/products/almalinux10/profiles/cis_workstation_l2.profile
-new file mode 100644
-index 000000000..c57f752a2
---- /dev/null
-+++ b/products/almalinux10/profiles/cis_workstation_l2.profile
-@@ -0,0 +1,24 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    version: 1.0.0
-+    SMEs:
-+        - mab879
-+        - ggbecker
-+
-+reference: https://www.cisecurity.org/benchmark/almalinuxos_linux/
-+
-+title: 'CIS AlmaLinux OS 10 Benchmark for Level 2 - Workstation'
-+
-+description: |-
-+    This profile defines a baseline that aligns to the "Level 2 - Workstation"
-+    configuration from the Center for Internet Security® 
-+    AlmaLinux OS 10 Benchmark™, v1.0.0, released 2025-09-30.
-+
-+    This profile includes Center for Internet Security®
-+    AlmaLinux OS 10 CIS Benchmarks™ content.
-+
-+selections:
-+    - cis_rhel10:all:l2_workstation
-+    - var_authselect_profile=local
-diff --git a/products/almalinux10/profiles/default.profile b/products/almalinux10/profiles/default.profile
-new file mode 100644
-index 000000000..7f41b29a6
---- /dev/null
-+++ b/products/almalinux10/profiles/default.profile
-@@ -0,0 +1,45 @@
-+---
-+documentation_complete: true
-+
-+hidden: true
-+
-+title: Default Profile for AlmaLinux OS 10
-+
-+description: |-
-+    This profile contains all the rules that once belonged to the rhel10
-+    product. This profile won't be rendered into an XCCDF Profile entity,
-+    nor it will select any of these rules by default. The only purpose of
-+    this profile is to keep a rule in the product's XCCDF Benchmark.
-+
-+selections:
-+    - grub2_nousb_argument
-+    - audit_rules_kernel_module_loading_create
-+    - grub2_uefi_admin_username
-+    - grub2_uefi_password
-+    - no_tmux_in_shells
-+    - package_tmux_installed
-+    - configure_tmux_lock_after_time
-+    - configure_tmux_lock_command
-+    - configure_tmux_lock_keybinding
-+    - audit_rules_session_events
-+    - enable_authselect
-+    - audit_rules_login_events
-+    - audit_rules_unsuccessful_file_modification
-+    - configure_openssl_tls_crypto_policy
-+    - audit_rules_privileged_commands_pt_chown
-+    - package_iprutils_removed
-+    - service_rlogin_disabled
-+    - service_rsh_disabled
-+    - service_rexec_disabled
-+    - package_scap-security-guide_installed
-+    - set_password_hashing_yescrypt_cost_factor_logindefs
-+    - var_authselect_profile=local
-+    - audit_rules_networkconfig_modification_network_scripts
-+    - package_pam_pwquality_installed
-+    - journald_compress
-+    - socket_systemd-journal-remote_disabled
-+    - package_systemd-journal-remote_installed
-+    - journald_storage
-+    - partition_for_dev_shm
-+    - file_etc_security_opasswd
-+    - sshd_use_strong_macs
-diff --git a/products/almalinux10/profiles/e8.profile b/products/almalinux10/profiles/e8.profile
-new file mode 100644
-index 000000000..2f2c957a8
---- /dev/null
-+++ b/products/almalinux10/profiles/e8.profile
-@@ -0,0 +1,40 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - shaneboulden
-+        - tjbutt58
-+
-+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
-+
-+title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+
-+    This draft profile contains configuration checks for AlmaLinux OS 10
-+    that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
-+
-+    A copy of the Essential Eight in Linux Environments guide can be found at the
-+    ACSC website:
-+
-+    https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
-+
-+selections:
-+    - e8:all
-+    - '!enable_authselect'
-+    # nosha1 crypto policy does not exist in RHEL 10
-+    - var_system_crypto_policy=default_policy
-+    # More tests are needed to identify which rule is conflicting with rpm_verify_permissions.
-+    # https://github.com/ComplianceAsCode/content/issues/11285
-+    - '!rpm_verify_permissions'
-+    - '!rpm_verify_ownership'
-+    # these packages do not exist in RHEL 10
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_ypserv_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!security_patches_up_to_date'
-diff --git a/products/almalinux10/profiles/hipaa.profile b/products/almalinux10/profiles/hipaa.profile
-new file mode 100644
-index 000000000..344dcad9e
---- /dev/null
-+++ b/products/almalinux10/profiles/hipaa.profile
-@@ -0,0 +1,69 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - jjaswanson4
-+
-+reference: https://www.hhs.gov/hipaa/for-professionals/index.html
-+
-+title: 'Health Insurance Portability and Accountability Act (HIPAA)'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+
-+    The HIPAA Security Rule establishes U.S. national standards to protect individuals's
-+    electronic personal health information that is created, received, used, or
-+    maintained by a covered entity. The Security Rule requires appropriate
-+    administrative, physical and technical safeguards to ensure the
-+    confidentiality, integrity, and security of electronic protected health
-+    information.
-+
-+    This draft profile configures AlmaLinux OS 10 to the HIPAA Security
-+    Rule identified for securing of electronic protected health information.
-+    Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).
-+
-+selections:
-+    - hipaa:all
-+
-+    # RHEL 10 uses a different rule for auditing changes to selinux configuration
-+    # HIPAA 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d) and 164.312(e)
-+    - '!audit_rules_mac_modification'
-+    - audit_rules_mac_modification_etc_selinux
-+
-+    - '!coreos_disable_interactive_boot'
-+    - '!coreos_audit_option'
-+    - '!coreos_nousb_kernel_argument'
-+    - '!coreos_enable_selinux_kernel_argument'
-+    - '!dconf_gnome_remote_access_credential_prompt'
-+    - '!dconf_gnome_remote_access_encryption'
-+    - '!enable_authselect'
-+    - '!ensure_suse_gpgkey_installed'
-+    - '!ensure_fedora_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    - '!grub2_uefi_admin_username'
-+    - '!grub2_uefi_password'
-+    - '!service_ypbind_disabled'
-+    - '!service_zebra_disabled'
-+    - '!package_talk-server_removed'
-+    - '!package_talk_removed'
-+    - '!sshd_use_approved_macs'
-+    - '!sshd_use_approved_ciphers'
-+    - '!accounts_passwords_pam_tally2'
-+    - '!package_audit-audispd-plugins_installed'
-+    - '!auditd_audispd_syslog_plugin_activated'
-+    - '!package_ypserv_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+    - '!package_tcp_wrappers_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_xinetd_removed'
-+    - '!service_xinetd_disabled'
-+    - '!sshd_allow_only_protocol2'
-+    - '!sshd_disable_kerb_auth'
-+    - '!sshd_disable_gssapi_auth'
-+    - '!service_rlogin_disabled'
-+    - '!service_rsh_disabled'
-+    - '!service_rexec_disabled'
-diff --git a/products/almalinux10/profiles/ism_o.profile b/products/almalinux10/profiles/ism_o.profile
-new file mode 100644
-index 000000000..622f68ef1
---- /dev/null
-+++ b/products/almalinux10/profiles/ism_o.profile
-@@ -0,0 +1,62 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - shaneboulden
-+        - wcushen
-+        - eliseelk
-+        - sashperso
-+        - anjuskantha
-+
-+reference: https://www.cyber.gov.au/ism
-+
-+title: 'Australian Cyber Security Centre (ACSC) ISM Official - Base'
-+
-+description: |-
-+    This draft profile contains configuration checks for AlmaLinux OS 10
-+    that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM).
-+
-+    The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
-+    AlmaLinux OS security controls with the ISM, which can be used to select controls
-+    specific to an organisation's security posture and risk profile.
-+
-+    A copy of the ISM can be found at the ACSC website:
-+
-+    https://www.cyber.gov.au/ism
-+
-+extends: e8
-+
-+selections:
-+    - ism_o:all:base
-+
-+    # these rules do not work properly on RHEL 10 for now
-+    - '!enable_authselect'
-+    - '!enable_dracut_fips_module'
-+    - '!firewalld_sshd_port_enabled'
-+    - '!require_singleuser_auth'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    - '!audit_rules_login_events_tallylog'
-+    # lastlog is not used in RHEL 10
-+    - '!audit_rules_login_events_lastlog'
-+    # this rule is currently failing on some systemd services, probably because of require_emergency_target_auth and require_singleuser_auth rules
-+    - '!rpm_verify_hashes'
-+    # this rule should not be needed anymore on RHEL 10, but investigation is recommended
-+    - '!openssl_use_strong_entropy'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-+    # This rule is not applicable for RHEL 10
-+    - '!force_opensc_card_drivers'
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - '!accounts_password_all_shadowed'
-+    - '!usbguard_allow_hid_and_hub'
-+    - '!sshd_allow_only_protocol2'
-+    - '!security_patches_up_to_date'
-+    - '!rpm_verify_ownership'
-+    - '!rpm_verify_permissions'
-+    - '!package_rear_installed'
-+    - '!package_ypbind_removed'
-+    - '!package_xinetd_removed'
-+    - '!service_xinetd_disabled'
-diff --git a/products/almalinux10/profiles/ism_o_secret.profile b/products/almalinux10/profiles/ism_o_secret.profile
-new file mode 100644
-index 000000000..d3ac3fab1
---- /dev/null
-+++ b/products/almalinux10/profiles/ism_o_secret.profile
-@@ -0,0 +1,64 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - shaneboulden
-+        - wcushen
-+        - eliseelk
-+        - sashperso
-+        - anjuskantha
-+
-+reference: https://www.cyber.gov.au/ism
-+
-+title: 'Australian Cyber Security Centre (ACSC) ISM Official - Secret'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+
-+    This draft profile contains configuration checks for AlmaLinux OS 10
-+    that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM).
-+
-+    The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
-+    AlmaLinux OS security controls with the ISM, which can be used to select controls
-+    specific to an organisation's security posture and risk profile.
-+
-+    A copy of the ISM can be found at the ACSC website:
-+
-+    https://www.cyber.gov.au/ism
-+
-+extends: e8
-+
-+selections:
-+    - ism_o:all:secret
-+
-+    # these rules do not work properly on RHEL 10 for now
-+    - '!enable_authselect'
-+    - '!enable_dracut_fips_module'
-+    - '!firewalld_sshd_port_enabled'
-+    - '!require_singleuser_auth'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    - '!audit_rules_login_events_tallylog'
-+    # lastlog is not used in RHEL 10
-+    - '!audit_rules_login_events_lastlog'
-+    # this rule is currently failing on some systemd services, probably because of require_emergency_target_auth and require_singleuser_auth rules
-+    - '!rpm_verify_hashes'
-+    # this rule should not be needed anymore on RHEL 10, but investigation is recommended
-+    - '!openssl_use_strong_entropy'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-+    # This rule is not applicable for RHEL 10
-+    - '!force_opensc_card_drivers'
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - '!accounts_password_all_shadowed'
-+    - '!usbguard_allow_hid_and_hub'
-+    - '!sshd_allow_only_protocol2'
-+    - '!security_patches_up_to_date'
-+    - '!rpm_verify_ownership'
-+    - '!rpm_verify_permissions'
-+    - '!package_rear_installed'
-+    - '!package_ypbind_removed'
-+    - '!package_xinetd_removed'
-+    - '!service_xinetd_disabled'
-diff --git a/products/almalinux10/profiles/ism_o_top_secret.profile b/products/almalinux10/profiles/ism_o_top_secret.profile
-new file mode 100644
-index 000000000..d9c30b919
---- /dev/null
-+++ b/products/almalinux10/profiles/ism_o_top_secret.profile
-@@ -0,0 +1,62 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - shaneboulden
-+        - wcushen
-+        - eliseelk
-+        - sashperso
-+        - anjuskantha
-+
-+reference: https://www.cyber.gov.au/ism
-+
-+title: 'Australian Cyber Security Centre (ACSC) ISM Official - Top Secret'
-+
-+description: |-
-+    This draft profile contains configuration checks for AlmaLinux OS 10
-+    that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM).
-+
-+    The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
-+    AlmaLinux OS security controls with the ISM, which can be used to select controls
-+    specific to an organisation's security posture and risk profile.
-+
-+    A copy of the ISM can be found at the ACSC website:
-+
-+    https://www.cyber.gov.au/ism
-+
-+extends: e8
-+
-+selections:
-+    - ism_o:all:top_secret
-+
-+    # these rules do not work properly on RHEL 10 for now
-+    - '!enable_authselect'
-+    - '!enable_dracut_fips_module'
-+    - '!firewalld_sshd_port_enabled'
-+    - '!require_singleuser_auth'
-+    # tally2 is deprecated, replaced by faillock
-+    - '!accounts_passwords_pam_tally2_deny_root'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    - '!audit_rules_login_events_tallylog'
-+    # lastlog is not used in RHEL 10
-+    - '!audit_rules_login_events_lastlog'
-+    # this rule is currently failing on some systemd services, probably because of require_emergency_target_auth and require_singleuser_auth rules
-+    - '!rpm_verify_hashes'
-+    # this rule should not be needed anymore on RHEL 10, but investigation is recommended
-+    - '!openssl_use_strong_entropy'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-+    # This rule is not applicable for RHEL 10
-+    - '!force_opensc_card_drivers'
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - '!accounts_password_all_shadowed'
-+    - '!usbguard_allow_hid_and_hub'
-+    - '!sshd_allow_only_protocol2'
-+    - '!security_patches_up_to_date'
-+    - '!rpm_verify_ownership'
-+    - '!rpm_verify_permissions'
-+    - '!package_rear_installed'
-+    - '!package_ypbind_removed'
-+    - '!package_xinetd_removed'
-+    - '!service_xinetd_disabled'
-diff --git a/products/almalinux10/profiles/ospp.profile b/products/almalinux10/profiles/ospp.profile
-new file mode 100644
-index 000000000..d3b46bc35
---- /dev/null
-+++ b/products/almalinux10/profiles/ospp.profile
-@@ -0,0 +1,30 @@
-+---
-+documentation_complete: true
-+hidden: true
-+
-+metadata:
-+    version: 4.3
-+    SMEs:
-+        - ggbecker
-+        - matusmarhefka
-+
-+reference: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=469&id=469
-+
-+title: 'DRAFT - Protection Profile for General Purpose Operating Systems'
-+
-+description: |-
-+    This is draft profile is based on the Red Hat Enterprise Linux 9 Common Criteria Guidance as
-+    guidance for Red Hat Enterprise Linux 10 was not available at the time of release.
-+
-+    Where appropriate, CNSSI 1253 or DoD-specific values are used for
-+    configuration, based on Configuration Annex to the OSPP.
-+
-+selections:
-+    - ospp:all
-+    - var_authselect_profile=local
-+
-+    - '!package_screen_installed'
-+    - '!package_dnf-plugin-subscription-manager_installed'
-+    - '!package_scap-security-guide_installed'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-diff --git a/products/almalinux10/profiles/pci-dss.profile b/products/almalinux10/profiles/pci-dss.profile
-new file mode 100644
-index 000000000..3bdb6a93f
---- /dev/null
-+++ b/products/almalinux10/profiles/pci-dss.profile
-@@ -0,0 +1,86 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    version: '4.0.1'
-+    SMEs:
-+        - marcusburghardt
-+        - mab879
-+        - vojtapolasek
-+
-+reference: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf
-+
-+title: 'PCI-DSS v4.0.1 Control Baseline for Red Hat Enterprise Linux 10'
-+
-+description: |-
-+    This is a draft profile for experimental purposes.
-+
-+    Payment Card Industry - Data Security Standard (PCI-DSS) is a set of
-+    security standards designed to ensure the secure handling of payment card
-+    data, with the goal of preventing data breaches and protecting sensitive
-+    financial information.
-+
-+    This draft profile ensures Red Hat Enterprise Linux 10 is configured in alignment
-+    with PCI-DSS v4.0.1 requirements.
-+
-+selections:
-+    - pcidss_4:all
-+    - var_password_hashing_algorithm=yescrypt
-+    - var_password_hashing_algorithm_pam=yescrypt
-+
-+    # RHEL 10 uses a different rule for auditing changes to selinux configuration (PCI-DSSv4 - 10.3.4)
-+    - '!audit_rules_mac_modification'
-+    - audit_rules_mac_modification_etc_selinux
-+
-+    # More tests are needed to identify which rule is conflicting with rpm_verify_permissions.
-+    # https://github.com/ComplianceAsCode/content/issues/11285
-+    - '!rpm_verify_permissions'
-+
-+    # these rules do not apply to RHEL 10
-+    - '!enable_authselect'
-+    - '!package_audit-audispd-plugins_installed'
-+    - '!package_dhcp_removed'
-+    - '!package_ypserv_removed'
-+    - '!package_ypbind_removed'
-+    - '!package_talk_removed'
-+    - '!package_talk-server_removed'
-+    - '!package_xinetd_removed'
-+    - '!package_rsh_removed'
-+    - '!package_rsh-server_removed'
-+
-+    - '!service_ntp_enabled'
-+    - '!service_ntpd_enabled'
-+    - '!service_timesyncd_enabled'
-+    - '!ntpd_specify_remote_server'
-+    - '!ntpd_specify_multiple_servers'
-+
-+    - '!accounts_passwords_pam_tally2'
-+    - '!accounts_passwords_pam_tally2_unlock_time'
-+    - '!cracklib_accounts_password_pam_dcredit'
-+    - '!cracklib_accounts_password_pam_lcredit'
-+    - '!cracklib_accounts_password_pam_minlen'
-+    - '!cracklib_accounts_password_pam_retry'
-+    - '!ensure_firewall_rules_for_open_ports'
-+    - '!ensure_shadow_group_empty'
-+    - '!ensure_suse_gpgkey_installed'
-+    - ensure_almalinux_gpgkey_installed
-+    - '!install_PAE_kernel_on_x86-32'
-+    - '!mask_nonessential_services'
-+    - '!nftables_ensure_default_deny_policy'
-+    - '!set_ipv6_loopback_traffic'
-+    - '!set_ip6tables_default_rule'
-+    - '!set_loopback_traffic'
-+    - '!set_password_hashing_algorithm_commonauth'
-+    # Following rule are excluded since, "so far" no CCEs were defined for them and maybe irrelevant for rhel10
-+    - '!enable_dconf_user_profile'
-+
-+    # Following are incompatible with the rhel10 product (based on RHEL9)
-+    - '!service_chronyd_or_ntpd_enabled'
-+    - '!aide_periodic_checking_systemd_timer'
-+    - '!gnome_gdm_disable_unattended_automatic_login'
-+    - '!permissions_local_var_log'
-+    - '!sshd_use_strong_kex'
-+    - '!sshd_use_approved_macs'
-+    - '!sshd_use_approved_ciphers'
-+    - '!security_patches_up_to_date'
-+    - '!kernel_module_dccp_disabled'
-diff --git a/products/almalinux10/profiles/stig.profile b/products/almalinux10/profiles/stig.profile
-new file mode 100644
-index 000000000..3c1b0ee2b
---- /dev/null
-+++ b/products/almalinux10/profiles/stig.profile
-@@ -0,0 +1,25 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - mab879
-+
-+reference: https://www.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
-+
-+title: 'Red Hat STIG for Red Hat Enterprise Linux 10'
-+
-+description: |-
-+    This is a profile based on what is expected in the RHEL 10 STIG.
-+    It is not based on the DISA STIG for RHEL 10, because it was not available at time of
-+    the release.
-+
-+    In addition to being applicable to Red Hat Enterprise Linux 10, this
-+    configuration baseline is applicable to the operating system tier of
-+    Red Hat technologies that are based on Red Hat Enterprise Linux 10.
-+
-+selections:
-+    - srg_gpos:all
-+    - '!enable_authselect'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-diff --git a/products/almalinux10/profiles/stig_gui.profile b/products/almalinux10/profiles/stig_gui.profile
-new file mode 100644
-index 000000000..63b780ff5
---- /dev/null
-+++ b/products/almalinux10/profiles/stig_gui.profile
-@@ -0,0 +1,46 @@
-+---
-+documentation_complete: true
-+
-+metadata:
-+    SMEs:
-+        - mab879
-+
-+reference: https://www.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
-+
-+title: 'Red Hat STIG with GUI for Red Hat Enterprise Linux 10'
-+
-+description: |-
-+    This is a profile based on what is expected in the RHEL 10 STIG.
-+    It is not based on the DISA STIG for RHEL 10, because it was not available at time of
-+    the release.
-+
-+    In addition to being applicable to Red Hat Enterprise Linux 10, this
-+    configuration baseline is applicable to the operating system tier of
-+    Red Hat technologies that are based on Red Hat Enterprise Linux 10.
-+
-+    Warning: The installation and use of a Graphical User Interface (GUI)
-+    increases your attack vector and decreases your overall security posture. If
-+    your Information Systems Security Officer (ISSO) lacks a documented operational
-+    requirement for a graphical user interface, please consider using the
-+    standard DISA STIG for Red Hat Enterprise Linux 10 profile.
-+
-+extends: stig
-+
-+selections:
-+    - '!xwindows_remove_packages'
-+
-+    - '!xwindows_runlevel_target'
-+
-+    - '!package_nfs-utils_removed'
-+
-+    - '!enable_authselect'
-+    # Limiting user namespaces cause issues with user apps, such as Firefox and Cheese
-+    # https://issues.redhat.com/browse/RHEL-10416
-+    - '!sysctl_user_max_user_namespaces'
-+    # locking of idle sessions is handled by screensaver when GUI is present, the following rule is therefore redundant
-+    - '!logind_session_timeout'
-+    # Currently not working RHEL 10, changes are being made to FIPS mode. Investigation is recommended.
-+    - '!enable_dracut_fips_module'
-+
-+    # Package gdm cannot be removed as it is required for GUI installation ('@Server with GUI' package group)
-+    - '!package_gdm_removed'
-diff --git a/products/almalinux10/transforms/constants.xslt b/products/almalinux10/transforms/constants.xslt
-new file mode 100644
-index 000000000..1b1a67317
---- /dev/null
-+++ b/products/almalinux10/transforms/constants.xslt
-@@ -0,0 +1,13 @@
-+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-+
-+<xsl:include href="../../../shared/transforms/shared_constants.xslt"/>
-+
-+<xsl:variable name="product_long_name">AlmaLinux OS 10</xsl:variable>
-+<xsl:variable name="product_short_name">AL10</xsl:variable>
-+<xsl:variable name="product_stig_id_name">AL_10_STIG</xsl:variable>
-+<xsl:variable name="prod_type">almalinux10</xsl:variable>
-+
-+<xsl:variable name="cisuri">https://www.cisecurity.org/benchmark/almalinuxos_linux/</xsl:variable>
-+<xsl:variable name="disa-srguri" select="$disa-ossrguri"/>
-+
-+</xsl:stylesheet>
-diff --git a/products/almalinux10/transforms/table-style.xslt b/products/almalinux10/transforms/table-style.xslt
-new file mode 100644
-index 000000000..8b6caeab8
---- /dev/null
-+++ b/products/almalinux10/transforms/table-style.xslt
-@@ -0,0 +1,5 @@
-+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-+
-+<xsl:import href="../../../shared/transforms/shared_table-style.xslt"/>
-+
-+</xsl:stylesheet>
-diff --git a/products/almalinux10/transforms/xccdf-apply-overlay-stig.xslt b/products/almalinux10/transforms/xccdf-apply-overlay-stig.xslt
-new file mode 100644
-index 000000000..4789419b8
---- /dev/null
-+++ b/products/almalinux10/transforms/xccdf-apply-overlay-stig.xslt
-@@ -0,0 +1,8 @@
-+<?xml version="1.0"?>
-+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://checklists.nist.gov/xccdf/1.1" xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xhtml="http://www.w3.org/1999/xhtml" exclude-result-prefixes="xccdf">
-+
-+<xsl:include href="../../../shared/transforms/shared_xccdf-apply-overlay-stig.xslt"/>
-+<xsl:include href="constants.xslt"/>
-+<xsl:variable name="overlays" select="document($overlay)/xccdf:overlays" />
-+
-+</xsl:stylesheet>
-diff --git a/products/almalinux10/transforms/xccdf2table-cce.xslt b/products/almalinux10/transforms/xccdf2table-cce.xslt
-new file mode 100644
-index 000000000..f156a6695
---- /dev/null
-+++ b/products/almalinux10/transforms/xccdf2table-cce.xslt
-@@ -0,0 +1,9 @@
-+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
-+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:cce="http://cce.mitre.org" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xhtml="http://www.w3.org/1999/xhtml">
-+
-+<xsl:import href="../../../shared/transforms/shared_xccdf2table-cce.xslt"/>
-+
-+<xsl:include href="constants.xslt"/>
-+<xsl:include href="table-style.xslt"/>
-+
-+</xsl:stylesheet>
-diff --git a/products/almalinux10/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux10/transforms/xccdf2table-profileccirefs.xslt
-new file mode 100644
-index 000000000..9d8d3e5fa
---- /dev/null
-+++ b/products/almalinux10/transforms/xccdf2table-profileccirefs.xslt
-@@ -0,0 +1,9 @@
-+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
-+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:cci="https://www.cyber.mil/stigs/cci" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:ovalns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
-+
-+<xsl:import href="../../../shared/transforms/shared_xccdf2table-profileccirefs.xslt"/>
-+
-+<xsl:include href="constants.xslt"/>
-+<xsl:include href="table-style.xslt"/>
-+
-+</xsl:stylesheet>
-diff --git a/shared/checks/oval/installed_OS_is_almalinux10.xml b/shared/checks/oval/installed_OS_is_almalinux10.xml
-new file mode 100644
-index 000000000..34f942d90
---- /dev/null
-+++ b/shared/checks/oval/installed_OS_is_almalinux10.xml
-@@ -0,0 +1,34 @@
-+<def-group>
-+  <definition class="inventory" id="installed_OS_is_almalinux10" version="3">
-+    <metadata>
-+      <title>AlmaLinux OS 10</title>
-+      <affected family="unix">
-+        <platform>multi_platform_all</platform>
-+      </affected>
-+      <reference ref_id="cpe:/o:almalinux:almalinux:10" source="CPE" />
-+      <description>The operating system installed on the system is AlmaLinux OS 10</description>
-+    </metadata>
-+    <criteria comment="current OS is 10" operator="AND">
-+      <extend_definition comment="Installed OS is part of the Unix family" definition_ref="installed_OS_is_part_of_Unix_family" />
-+      <criterion comment="AlmaLinux OS is installed" test_ref="test_almalinux" />
-+      <criterion comment="AlmaLinux OS 10 is installed" test_ref="test_almalinux10" />
-+    </criteria>
-+  </definition>
-+
-+  <unix:file_test check="all" check_existence="all_exist" comment="/etc/almalinux-release exists" id="test_almalinux" version="1">
-+    <unix:object object_ref="obj_almalinux" />
-+  </unix:file_test>
-+  <unix:file_object comment="check /etc/almalinux file" id="obj_almalinux" version="1">
-+    <unix:filepath>/etc/almalinux-release</unix:filepath>
-+  </unix:file_object>
-+
-+  <ind:textfilecontent54_test check="all" check_existence="at_least_one_exists" comment="Check Custom OS version" id="test_almalinux10" version="1">
-+    <ind:object object_ref="obj_almalinux10" />
-+  </ind:textfilecontent54_test>
-+  <ind:textfilecontent54_object id="obj_almalinux10" version="1" comment="Check AlmaLinux OS version">
-+    <ind:filepath>/etc/almalinux-release</ind:filepath>
-+    <ind:pattern operation="pattern match">^AlmaLinux release 10.[0-9]+ .*$</ind:pattern>
-+    <ind:instance datatype="int">1</ind:instance>
-+  </ind:textfilecontent54_object>
-+
-+</def-group>
-diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-index b718ded26..7f42310de 100644
---- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
-@@ -16,6 +16,7 @@
- 	<platform>multi_platform_ol</platform>
- 	<platform>multi_platform_rhcos</platform>
- 	<platform>multi_platform_rhel</platform>
-+<platform>multi_platform_almalinux</platform>
- 	<platform>multi_platform_rhv</platform>
- 	<platform>multi_platform_sle</platform>
-     <platform>multi_platform_slmicro</platform>
-diff --git a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
-index e83699662..1efabcf62 100644
---- a/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
-+++ b/shared/references/disa-stig-ol7-v3r1-xccdf-manual.xml
-@@ -917,7 +917,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
- $ sudo grep -iw grub2_password /boot/grub2/user.cfg
- GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
- 
--If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221702"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221702r958472_rule" weight="10.0" severity="high"><version>OL07-00-010491</version><title>Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-99143</ident><ident system="http://cyber.mil/legacy">SV-108247</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-23406r744073_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221702"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221702r958472_rule" weight="10.0" severity="high"><version>OL07-00-010491</version><title>Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-99143</ident><ident system="http://cyber.mil/legacy">SV-108247</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-23406r744073_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -929,7 +929,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not
- 
- Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
- 
--$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
-+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
- GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
- 
- If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221703"><title>SRG-OS-000104-GPOS-00051</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221703r1015186_rule" weight="10.0" severity="medium"><version>OL07-00-010500</version><title>The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.</title><description>&lt;VulnDiscussion&gt;To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
-@@ -1809,7 +1809,7 @@ On BIOS-based machines, use the following command:
- 
- On UEFI-based machines, use the following command:
- 
--# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
-+# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
- 
- If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
- 
-@@ -1840,7 +1840,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
- 
- If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
- 
--Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
-+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
- 
- # grep fips /boot/grub2/grub.cfg
- /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
-@@ -1912,23 +1912,23 @@ An example rule that includes the "sha512" rule follows:
- 
- If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.</check-content></check></Rule></Group><Group id="V-221762"><title>SRG-OS-000364-GPOS-00151</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221762r958796_rule" weight="10.0" severity="medium"><version>OL07-00-021700</version><title>The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.</title><description>&lt;VulnDiscussion&gt;Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the information system security officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-108367</ident><ident system="http://cyber.mil/legacy">V-99263</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><fixtext fixref="F-23466r419359_fix">Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.</fixtext><fix id="F-23466r419359_fix" /><check system="C-23477r928541_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>Verify the system is not configured to use a boot loader on removable media.
- 
--Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
-+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
- 
- Check for the existence of alternate boot loader configuration files with the following command:
- 
-      # find / -name grub.cfg
--     /boot/efi/EFI/redhat/grub.cfg
-+     /boot/efi/EFI/almalinux/grub.cfg
- 
--If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/redhat/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. 
-+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2/" and "/boot/efi/EFI/almalinux/", ask the system administrator (SA) if there is documentation signed by the information system security officer (ISSO) to approve the use of removable media as a boot loader. 
- 
- List the number of menu entries defined in the grub configuration file with the following command (the number will vary between systems):
- 
--     # grep -cw menuentry /boot/efi/EFI/redhat/grub.cfg
-+     # grep -cw menuentry /boot/efi/EFI/almalinux/grub.cfg
-      4
- 
- Check that the grub configuration file has the "set root" command for each menu entry with the following command ("set root" defines the disk and partition or directory where the kernel and GRUB 2 modules are stored):
- 
--     # grep 'set root' /boot/efi/EFI/redhat/grub.cfg
-+     # grep 'set root' /boot/efi/EFI/almalinux/grub.cfg
-      set root='hd0,gpt2'
-      set root='hd0,gpt2'
-      set root='hd0,gpt2'
-@@ -4453,12 +4453,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
- 
- Generate a new grub.cfg file with the following command:
- 
--$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47788r833026_fix" /><check system="C-47831r792808_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47788r833026_fix" /><check system="C-47831r792808_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
- 
- For systems that are running a version of Oracle Linux prior to 7.2, this is Not Applicable.
- Verify that a unique name is set as the "superusers" account:
- 
--$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
-+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
- set superusers="[someuniquestringhere]"
- export superusers
- 
-diff --git a/shared/references/disa-stig-ol8-v2r5-xccdf-manual.xml b/shared/references/disa-stig-ol8-v2r5-xccdf-manual.xml
-index 1c9e7252b..2e2ca9e8f 100644
---- a/shared/references/disa-stig-ol8-v2r5-xccdf-manual.xml
-+++ b/shared/references/disa-stig-ol8-v2r5-xccdf-manual.xml
-@@ -425,7 +425,7 @@ SHA_CRYPT_MIN_ROUNDS 100000</fixtext><fix id="F-51923r1044785_fix" /><check syst
- 
- If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "100000", this is a finding.
- 
--If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.</check-content></check></Rule></Group><Group id="V-248537"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-248537r958472_rule" weight="10.0" severity="high"><version>OL08-00-010140</version><title>OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 8</dc:subject><dc:identifier>5416</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "100000", this is a finding.</check-content></check></Rule></Group><Group id="V-248537"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-248537r958472_rule" weight="10.0" severity="high"><version>OL08-00-010140</version><title>OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 8</dc:subject><dc:identifier>5416</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
-  
- Generate an encrypted grub2 password for the grub superusers account with the following command: 
-  
-@@ -435,7 +435,7 @@ Confirm password:</fixtext><fix id="F-51925r779176_fix" /><check system="C-51971
-  
- Determine if an encrypted password is set for the grub superusers account. On systems that use UEFI, use the following command: 
-  
--$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg 
-+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg 
-  
- GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash] 
-  
-@@ -450,11 +450,11 @@ password_pbkdf2 [someuniqueUserNamehere] ${GRUB2_PASSWORD}
- 
- Generate a new grub.cfg file with the following command:
- 
--$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-51926r779179_fix" /><check system="C-51972r818602_chk"><check-content-ref href="Oracle_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-51926r779179_fix" /><check system="C-51972r818602_chk"><check-content-ref href="Oracle_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
- 
- Verify that a unique name is set as the "superusers" account:
- 
--$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
-+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
- set superusers="[someuniqueUserNamehere]"
- export superusers
- 
-diff --git a/shared/references/disa-stig-ol8-v2r5-xccdf-scap.xml b/shared/references/disa-stig-ol8-v2r5-xccdf-scap.xml
-index 3737b411a..c2f91b544 100644
---- a/shared/references/disa-stig-ol8-v2r5-xccdf-scap.xml
-+++ b/shared/references/disa-stig-ol8-v2r5-xccdf-scap.xml
-@@ -3378,7 +3378,7 @@ SHA_CRYPT_MIN_ROUNDS 100000</xccdf:fixtext>
-           </xccdf:reference>
-           <xccdf:platform idref="#xccdf_mil.disa.stig_platform_LinuxUEFI" />
-           <xccdf:ident system="http://cyber.mil/cci">CCI-000213</xccdf:ident>
--          <xccdf:fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file. 
-+          <xccdf:fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file. 
-  
- Generate an encrypted grub2 password for the grub superusers account with the following command: 
-  
-@@ -12588,8 +12588,8 @@ The "logind" service must be restarted for the changes to take effect. To restar
-             <description />
-           </metadata>
-           <criteria>
--            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023400" comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name." />
--            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023401" comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." />
-+            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023400" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name." />
-+            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023401" comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." />
-           </criteria>
-         </definition>
-         <definition id="oval:mil.disa.stig.defs:def:230235" version="1" class="compliance">
-@@ -20282,11 +20282,11 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-         <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023303" version="1" check="all" comment="/etc/login.defs: SHA_CRYPT_MAX_ROUNDS is set">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023301" />
-         </textfilecontent54_test>
--        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023400" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name.">
-+        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023400" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name.">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023400" />
-           <state state_ref="oval:mil.disa.stig.ind:ste:23023400" />
-         </textfilecontent54_test>
--        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023401" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned.">
-+        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023401" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned.">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023401" />
-           <state state_ref="oval:mil.disa.stig.ind:ste:23023401" />
-         </textfilecontent54_test>
-@@ -22168,12 +22168,12 @@ By limiting the number of attempts to meet the pwquality module complexity requi
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-         <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:obj:23023400" version="1">
--          <filepath datatype="string">/boot/efi/EFI/redhat/grub.cfg</filepath>
-+          <filepath datatype="string">/boot/efi/EFI/almalinux/grub.cfg</filepath>
-           <pattern operation="pattern match">^\s*set\s+superusers\s*=\s*"(\w+)"\s*$</pattern>
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-         <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:obj:23023401" version="1">
--          <filepath datatype="string">/boot/efi/EFI/redhat/user.cfg</filepath>
-+          <filepath datatype="string">/boot/efi/EFI/almalinux/user.cfg</filepath>
-           <pattern operation="pattern match">^\s*GRUB2_PASSWORD=(\S+)\b</pattern>
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-diff --git a/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml
-index ea46d8343..ae0897b61 100644
---- a/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml
-+++ b/shared/references/disa-stig-rhel8-v2r4-xccdf-manual.xml
-@@ -370,7 +370,7 @@ SHA_CRYPT_MIN_ROUNDS 100000</fixtext><fix id="F-32877r1044789_fix" /><check syst
- 
- If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "100000", this is a finding.
- 
--If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r1017053_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "100000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r1017053_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -380,7 +380,7 @@ Confirm password:</fixtext><fix id="F-32878r743921_fix" /><check system="C-32903
- 
- Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
- 
--$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
-+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
- 
- GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
- 
-@@ -6337,11 +6337,11 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
- 
- Generate a new grub.cfg file with the following command:
- 
--$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
- 
- Verify that a unique name is set as the "superusers" account:
- 
--$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
-+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
- set superusers="[someuniquestringhere]"
- export superusers
- 
-diff --git a/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml
-index d03d69ff0..006ef4f40 100644
---- a/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml
-+++ b/shared/references/disa-stig-rhel8-v2r4-xccdf-scap.xml
-@@ -3123,7 +3123,7 @@ SHA_CRYPT_MIN_ROUNDS 100000</xccdf:fixtext>
-           </xccdf:reference>
-           <xccdf:platform idref="#xccdf_mil.disa.stig_platform_LinuxUEFI" />
-           <xccdf:ident system="http://cyber.mil/cci">CCI-000213</xccdf:ident>
--          <xccdf:fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+          <xccdf:fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -12049,8 +12049,8 @@ $ sudo systemctl restart systemd-logind</xccdf:fixtext>
-             <description />
-           </metadata>
-           <criteria>
--            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023400" comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name." />
--            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023401" comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." />
-+            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023400" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name." />
-+            <criterion test_ref="oval:mil.disa.stig.ind:tst:23023401" comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." />
-           </criteria>
-         </definition>
-         <definition id="oval:mil.disa.stig.defs:def:230235" version="1" class="compliance">
-@@ -19662,11 +19662,11 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
-         <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023303" version="1" check="all" comment="/etc/login.defs: SHA_CRYPT_MAX_ROUNDS is set">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023301" />
-         </textfilecontent54_test>
--        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023400" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name.">
-+        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023400" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name.">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023400" />
-           <state state_ref="oval:mil.disa.stig.ind:ste:23023400" />
-         </textfilecontent54_test>
--        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023401" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned.">
-+        <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:tst:23023401" version="1" check_existence="all_exist" check="all" comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned.">
-           <object object_ref="oval:mil.disa.stig.ind:obj:23023401" />
-           <state state_ref="oval:mil.disa.stig.ind:ste:23023401" />
-         </textfilecontent54_test>
-@@ -21551,12 +21551,12 @@ RHEL 8 uses "pwquality" as a mechanism to enforce password complexity. This is s
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-         <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:obj:23023400" version="1">
--          <filepath datatype="string">/boot/efi/EFI/redhat/grub.cfg</filepath>
-+          <filepath datatype="string">/boot/efi/EFI/almalinux/grub.cfg</filepath>
-           <pattern operation="pattern match">^\s*set\s+superusers\s*=\s*"(\w+)"\s*$</pattern>
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-         <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.ind:obj:23023401" version="1">
--          <filepath datatype="string">/boot/efi/EFI/redhat/user.cfg</filepath>
-+          <filepath datatype="string">/boot/efi/EFI/almalinux/user.cfg</filepath>
-           <pattern operation="pattern match">^\s*GRUB2_PASSWORD=(\S+)\b</pattern>
-           <instance datatype="int" operation="greater than or equal">1</instance>
-         </textfilecontent54_object>
-diff --git a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
-index 17a1bd387..18b84aa2d 100644
---- a/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
-+++ b/shared/templates/accounts_password/tests/conflicting_values_directory.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # This test only applies to platforms that check the pwquality.conf.d directory
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
- 
- truncate -s 0 /etc/security/pwquality.conf
-diff --git a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
-index d10e78e8d..06a10a950 100644
---- a/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
-+++ b/shared/templates/accounts_password/tests/correct_value_directory.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # This test only applies to platforms that check the pwquality.conf.d directory
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- # variables = var_password_pam_{{{ VARIABLE }}}={{{ TEST_VAR_VALUE }}}
- 
- # This test will ensure that OVAL also checks the configuration in
-diff --git a/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh b/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh
-index a4415d213..7ba758438 100644
---- a/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh
-+++ b/shared/templates/audit_rules_kernel_module_loading/tests/missing_auid_filter.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_ubuntu
-+# platform = Oracle Linux 7,Oracle Linux 8,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
- # packages = audit
- 
- rm -f /etc/audit/rules.d/*
-diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_arch.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_arch.fail.sh
-index deca23463..fb11356dc 100644
---- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_arch.fail.sh
-+++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_arch.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = audit
--# platform = Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 10,AlmaLinux OS 10
- source common.sh
- 
- {{{ setup_auditctl_environment() }}}
-diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_arch.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_arch.fail.sh
-index 5ac5acf32..b41e800a5 100644
---- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_arch.fail.sh
-+++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_arch.fail.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 10,AlmaLinux OS 10
- 
- source common.sh
- 
-diff --git a/shared/templates/grub2_bootloader_argument/kickstart.template b/shared/templates/grub2_bootloader_argument/kickstart.template
-index c5051bcf7..846c0e661 100644
---- a/shared/templates/grub2_bootloader_argument/kickstart.template
-+++ b/shared/templates/grub2_bootloader_argument/kickstart.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = true
- # strategy = restrict
- # complexity = medium
-diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
-index f36c7d8bc..c465a15a3 100644
---- a/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
-+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_in_entries.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # packages = grub2,grubby
- 
- {{%- if ARG_VARIABLE %}}
-diff --git a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
-index c6d5b6b1b..0557b2f03 100644
---- a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
-+++ b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_fedora
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_fedora
- # packages = grub2,grubby
- {{%- if ARG_VARIABLE %}}
- # variables = {{{ ARG_VARIABLE }}}=correct_value
-diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
-index 788f128b3..44fa8621e 100644
---- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
-+++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,multi_platform_rhel
-+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux
- # packages = grub2,grubby
- {{%- if ARG_VARIABLE %}}
- # variables = {{{ ARG_VARIABLE }}}=correct_value
-diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
-index fc3db8ccd..a12bef4b2 100644
---- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
-+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # packages = grub2-tools,grubby
- 
- # Adds argument from kernel command line in /etc/default/grub
-diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
-index e51f669fd..00a74f76f 100644
---- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
-+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # packages = grub2-tools,grubby
- 
- # Adds argument with a value from kernel command line in /etc/default/grub
-diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
-index d5d39d91c..2b25d0659 100644
---- a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
-+++ b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
-@@ -1,5 +1,5 @@
- #!/bin/bash
--# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
-+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10
- # packages = grub2,grubby
- 
- # Ensure the kernel command line for each installed kernel in the bootloader
-diff --git a/shared/templates/kernel_module_disabled/kubernetes.template b/shared/templates/kernel_module_disabled/kubernetes.template
-index c77cebfbb..2820e9745 100644
---- a/shared/templates/kernel_module_disabled/kubernetes.template
-+++ b/shared/templates/kernel_module_disabled/kubernetes.template
-@@ -1,5 +1,5 @@
- ---
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
- # reboot = true
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template
-index 56617467d..3cdacd4db 100644
---- a/shared/templates/mount/blueprint.template
-+++ b/shared/templates/mount/blueprint.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- [[customizations.filesystem]]
- mountpoint = "{{{ MOUNTPOINT }}}"
-diff --git a/shared/templates/mount/kickstart.template b/shared/templates/mount/kickstart.template
-index fc2bdebd7..3c7833aa7 100644
---- a/shared/templates/mount/kickstart.template
-+++ b/shared/templates/mount/kickstart.template
-@@ -1,3 +1,3 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- 
- logvol {{{ MOUNTPOINT }}} {{{ MIN_SIZE_MB }}}
-diff --git a/shared/templates/package_installed/bootc.template b/shared/templates/package_installed/bootc.template
-index ddac8ef40..86cb91791 100644
---- a/shared/templates/package_installed/bootc.template
-+++ b/shared/templates/package_installed/bootc.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = enable
- # complexity = low
-diff --git a/shared/templates/package_installed/kickstart.template b/shared/templates/package_installed/kickstart.template
-index be0fc1de8..8284a5711 100644
---- a/shared/templates/package_installed/kickstart.template
-+++ b/shared/templates/package_installed/kickstart.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = enable
- # complexity = low
-diff --git a/shared/templates/package_removed/bootc.template b/shared/templates/package_removed/bootc.template
-index eef498941..255ac57a1 100644
---- a/shared/templates/package_removed/bootc.template
-+++ b/shared/templates/package_removed/bootc.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/package_removed/kickstart.template b/shared/templates/package_removed/kickstart.template
-index 99f5e33b9..a0b930444 100644
---- a/shared/templates/package_removed/kickstart.template
-+++ b/shared/templates/package_removed/kickstart.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
-index 805d70a75..75b375d26 100644
---- a/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
-+++ b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = authselect,pam
--# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
-+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel,multi_platform_almalinux
- 
- {{{ tests_init_faillock_vars("correct", prm_name=PRM_NAME, ext_variable=EXT_VARIABLE, variable_lower_bound=VARIABLE_LOWER_BOUND, variable_upper_bound=VARIABLE_UPPER_BOUND) }}}
- 
-diff --git a/shared/templates/service_disabled/kickstart.template b/shared/templates/service_disabled/kickstart.template
-index d1e39ae29..7ecd5523e 100644
---- a/shared/templates/service_disabled/kickstart.template
-+++ b/shared/templates/service_disabled/kickstart.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/service_disabled/kubernetes.template b/shared/templates/service_disabled/kubernetes.template
-index 1ab456524..724e7b779 100644
---- a/shared/templates/service_disabled/kubernetes.template
-+++ b/shared/templates/service_disabled/kubernetes.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
- # reboot = true
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/service_disabled_guard_var/bash.template b/shared/templates/service_disabled_guard_var/bash.template
-index 0afd3332d..62c4762e7 100644
---- a/shared/templates/service_disabled_guard_var/bash.template
-+++ b/shared/templates/service_disabled_guard_var/bash.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
- # reboot = false
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/service_enabled/kickstart.template b/shared/templates/service_enabled/kickstart.template
-index 451af774a..27ac615a2 100644
---- a/shared/templates/service_enabled/kickstart.template
-+++ b/shared/templates/service_enabled/kickstart.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel,multi_platform_fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
- # reboot = false
- # strategy = disable
- # complexity = low
-diff --git a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
-index 3114b75fe..be92408dc 100644
---- a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
-+++ b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu
- {{%- if XCCDF_VARIABLE %}}
- # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}}
- {{%- endif %}}
-diff --git a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
-index b05adb222..1530e343c 100644
---- a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
-+++ b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu
- 
- mkdir -p /etc/ssh/sshd_config.d
- touch /etc/ssh/sshd_config.d/nothing
-diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
-index d91244f7a..047e5513a 100644
---- a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
-+++ b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu
- 
- 
- {{% if XCCDF_VARIABLE %}}
-diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
-index 15eb1d870..ab8ea90d7 100644
---- a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
-+++ b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu
- 
- {{% if XCCDF_VARIABLE %}}
- # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}}
-diff --git a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
-index c5f2c41e8..a76757970 100644
---- a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
-+++ b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- 
--# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,multi_platform_ubuntu
-+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,AlmaLinux OS 10,multi_platform_ubuntu
- 
- {{% if XCCDF_VARIABLE %}}
- # variables = {{{ XCCDF_VARIABLE }}}={{{ CORRECT_VALUE }}}
-diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template
-index feb74e3c4..b82bc305a 100644
---- a/shared/templates/zipl_bls_entries_option/ansible.template
-+++ b/shared/templates/zipl_bls_entries_option/ansible.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- # reboot = true
- # strategy = configure
- # complexity = medium
-diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template
-index e14d59dfc..1b236a130 100644
---- a/shared/templates/zipl_bls_entries_option/bash.template
-+++ b/shared/templates/zipl_bls_entries_option/bash.template
-@@ -1,4 +1,4 @@
--# platform = multi_platform_rhel
-+# platform = multi_platform_rhel,multi_platform_almalinux
- 
- # Correct BLS option using grubby, which is a thin wrapper around BLS operations
- grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
-diff --git a/ssg/constants.py b/ssg/constants.py
-index eedd39ab6..35c1260d5 100644
---- a/ssg/constants.py
-+++ b/ssg/constants.py
-@@ -40,7 +40,7 @@ SSG_REF_URIS = {
- product_directories = [
-     'alinux2',
-     'alinux3',
--    'almalinux9',
-+    'almalinux10',
-     'anolis8',
-     'anolis23',
-     'al2023',
-@@ -210,7 +210,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
- FULL_NAME_TO_PRODUCT_MAPPING = {
-     "Alibaba Cloud Linux 2": "alinux2",
-     "Alibaba Cloud Linux 3": "alinux3",
--    "AlmaLinux OS 9": "almalinux9",
-+    "AlmaLinux OS 10": "almalinux10",
-     "Anolis OS 8": "anolis8",
-     "Anolis OS 23": "anolis23",
-     "Amazon Linux 2023": "al2023",
-@@ -300,7 +300,7 @@ MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
- 
- MULTI_PLATFORM_MAPPING = {
-     "multi_platform_alinux": ["alinux2", "alinux3"],
--    "multi_platform_almalinux": ["almalinux9"],
-+    "multi_platform_almalinux": ["almalinux10"],
-     "multi_platform_anolis": ["anolis8", "anolis23"],
-     "multi_platform_debian": ["debian11", "debian12", "debian13"],
-     "multi_platform_example": ["example"],
-diff --git a/tests/data/product_stability/ol7.yml b/tests/data/product_stability/ol7.yml
-index edb6411e3..4d21c0495 100644
---- a/tests/data/product_stability/ol7.yml
-+++ b/tests/data/product_stability/ol7.yml
-@@ -37,7 +37,7 @@ groups:
-   dedicated_ssh_keyowner:
-     name: ssh_keys
- grub2_boot_path: /boot/grub2
--grub2_uefi_boot_path: /boot/efi/EFI/redhat
-+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
- grub_helper_executable: grubby
- init_system: systemd
- login_defs_path: /etc/login.defs
-diff --git a/tests/data/product_stability/ol8.yml b/tests/data/product_stability/ol8.yml
-index 609a20b12..db4046ad1 100644
---- a/tests/data/product_stability/ol8.yml
-+++ b/tests/data/product_stability/ol8.yml
-@@ -37,7 +37,7 @@ groups:
-   dedicated_ssh_keyowner:
-     name: ssh_keys
- grub2_boot_path: /boot/grub2
--grub2_uefi_boot_path: /boot/efi/EFI/redhat
-+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
- grub_helper_executable: grubby
- init_system: systemd
- login_defs_path: /etc/login.defs
-diff --git a/tests/data/product_stability/rhel8.yml b/tests/data/product_stability/rhel8.yml
-index 99dfa18bc..fe9fd40ef 100644
---- a/tests/data/product_stability/rhel8.yml
-+++ b/tests/data/product_stability/rhel8.yml
-@@ -89,7 +89,7 @@ groups:
-   dedicated_ssh_keyowner:
-     name: ssh_keys
- grub2_boot_path: /boot/grub2
--grub2_uefi_boot_path: /boot/efi/EFI/redhat
-+grub2_uefi_boot_path: /boot/efi/EFI/almalinux
- grub_helper_executable: grubby
- init_system: systemd
- journald_conf_dir_path: /etc/systemd/journald.conf.d
-diff --git a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
-index 849ab06f6..1a4927eec 100644
---- a/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
-+++ b/tests/data/utils/disa-stig-rhel8-v1r6-xccdf-manual.xml
-@@ -368,7 +368,7 @@ $ sudo egrep "^SHA_CRYPT_" /etc/login.defs
- 
- If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
- 
--If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r743922_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
-+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r743922_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
- 
- Generate an encrypted grub2 password for the grub superusers account with the following command:
- 
-@@ -378,7 +378,7 @@ Confirm password:</fixtext><fix id="F-32878r743921_fix" /><check system="C-32903
- 
- Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
- 
--$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
-+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
- 
- GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
- 
-@@ -6230,11 +6230,11 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
- 
- Generate a new grub.cfg file with the following command:
- 
--$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
-+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
- 
- Verify that a unique name is set as the "superusers" account:
- 
--$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
-+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
- set superusers="[someuniquestringhere]"
- export superusers
- 
-diff --git a/tests/shared/grub2.sh b/tests/shared/grub2.sh
-index 10df2e2ad..4379d49a3 100644
---- a/tests/shared/grub2.sh
-+++ b/tests/shared/grub2.sh
-@@ -11,10 +11,10 @@ function set_grub_uefi_root {
- 		if grep VERSION /etc/os-release | grep -q '9\.'; then
- 			GRUB_CFG_ROOT=/boot/grub2
- 		else
--			GRUB_CFG_ROOT=/boot/efi/EFI/redhat
-+			GRUB_CFG_ROOT=/boot/efi/EFI/almalinux
- 		fi
- 	elif grep NAME /etc/os-release | grep -iq "Oracle"; then
--		GRUB_CFG_ROOT=/boot/efi/EFI/redhat
-+		GRUB_CFG_ROOT=/boot/efi/EFI/almalinux
- 	elif grep NAME /etc/os-release | grep -iq "Ubuntu"; then
- 		GRUB_CFG_ROOT=/boot/grub
- 	fi
-diff --git a/tests/unit/ssg-module/data/product.yml b/tests/unit/ssg-module/data/product.yml
-index 540ab0181..191dde4ec 100644
---- a/tests/unit/ssg-module/data/product.yml
-+++ b/tests/unit/ssg-module/data/product.yml
-@@ -25,7 +25,7 @@ aux_pkg_version: "5a6340b3"
- release_key_fingerprint: "567E347AD0044ADE55BA8A5F199E2F91FD431D51"
- auxiliary_key_fingerprint: "7E4624258C406535D56D6F135054E4A45A6340B3"
- 
--grub2_uefi_boot_path: "/boot/efi/EFI/redhat"
-+grub2_uefi_boot_path: "/boot/efi/EFI/almalinux"
- 
- cpes_root: "./applicability"
- cpes:
-diff --git a/tests/unit/ssg_test_suite/data/correct.pass.sh b/tests/unit/ssg_test_suite/data/correct.pass.sh
-index 5a2bc1005..c3dfe6dce 100644
---- a/tests/unit/ssg_test_suite/data/correct.pass.sh
-+++ b/tests/unit/ssg_test_suite/data/correct.pass.sh
-@@ -1,6 +1,6 @@
- #!/bin/bash
- # packages = sudo,authselect
--# platform = multi_platform_rhel,Fedora
-+# platform = multi_platform_rhel,multi_platform_almalinux,Fedora
- # profiles = xccdf_org.ssgproject.content_profile_cis
- # check = oval
- # remediation = none
diff --git a/scap-security-guide.spec b/scap-security-guide.spec
index a94734d..b5502ef 100644
--- a/scap-security-guide.spec
+++ b/scap-security-guide.spec
@@ -4,16 +4,21 @@
 %global _vpath_builddir build
 
 Name:		scap-security-guide
-Version:	0.1.79
-Release:	2%{?dist}.alma.1
+Version:	0.1.80
+Release:	1%{?dist}.alma.1
 Summary:	Security guidance and baselines in SCAP formats
 License:	BSD-3-Clause
 URL:		https://github.com/ComplianceAsCode/content/
 Source0:	https://github.com/ComplianceAsCode/content/releases/download/v%{version}/scap-security-guide-%{version}.tar.bz2
+
+# AlmaLinux Source
+Source9001: add-almalinux10-support.sh
 Patch0: disable_ospp.patch
 
 # AlmaLinux Patch
-Patch1000: scap-security-guide-add-almalinux10-product.patch
+Patch1001: 1001-add-almalinux10-os-detection.patch
+Patch1002: 1002-update-ensure-almalinux-gpgkey-installed-for-10.patch
+Patch1003: 1003-exclude-almalinux-from-pqc-gpgkey-check.patch
 
 BuildArch:	noarch
 
@@ -61,6 +66,7 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul
 
 %prep
 %autosetup -p1
+bash %{SOURCE9001}
 
 %define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_BUILD_SCAP_12_DS=OFF
 %define cmake_defines_specific %{nil}
@@ -105,9 +111,17 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md
 %endif
 
 %changelog
-* Wed Jan 07 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.79-2.alma.1
+* Wed Apr 01 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.80-1.alma.1
 - Add AlmaLinux 10 support
 
+* Tue Mar 10 2026 Vojtech Polasek <vpolasek@redhat.com> - 0.1.80-1
+- Import Red Hat quantum-resistant keys using sequoia commands (RHEL-127300)
+- Rule audit_rules_privileged_commands adds architecture filters in audit rules (RHEL-142647)
+- Use correct permissions and consider the log_group option in rules file_permissions_var_log_audit and directory_permissions_var_log_audit (RHEL-138549)
+- Add a new BSI profile to RHEL 10 that aligns to the BSI (Federal Office for Security Information in Germany) IT-Grundschutz Basic-Protection. (RHEL-134722)
+- Corrected version in the description of CIS profiles (RHEL-143955)
+- Rebase scap-security-guide to the latest upstream version 0.1.80 (RHEL-152059)
+
 * Mon Jan 05 2026 Jan Černý <jcerny@redhat.com> - 0.1.79-2
 - Bump version and rebuild
 
diff --git a/sources b/sources
index f88b2e8..7ce662e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (scap-security-guide-0.1.79.tar.bz2) = 57963e896aef6089523bb7165ece32dafeedc2caf0baac594c4d0d083ff00bd37c4fdc1c98357db1c70523bb67543c07b6a41b7d989ba1a8e97907218d954311
+SHA512 (scap-security-guide-0.1.80.tar.bz2) = 6cc80a8cc2dfdb175dcfeb39e0f4a6653bf879c955d39350d501977ead8d5fb86151bbf105b6cd2983cb51240c6ff102b18cd16d9125f5b75dd6b53ae5418227