From 7856efa997275802f11219f7fe940a99bafeb0ff Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Mon, 18 Jul 2022 11:09:04 +0200 Subject: [PATCH] remove sshd_enable_strictmodes from ospp Resolves: rhbz#2105278 --- ...sshd_enable_strictmodes_ospp-PR_9143.patch | 21 +++++++++++++++++++ scap-security-guide.spec | 2 ++ 2 files changed, 23 insertions(+) create mode 100644 scap-security-guide-0.1.63-remove_sshd_enable_strictmodes_ospp-PR_9143.patch diff --git a/scap-security-guide-0.1.63-remove_sshd_enable_strictmodes_ospp-PR_9143.patch b/scap-security-guide-0.1.63-remove_sshd_enable_strictmodes_ospp-PR_9143.patch new file mode 100644 index 0000000..8243bf1 --- /dev/null +++ b/scap-security-guide-0.1.63-remove_sshd_enable_strictmodes_ospp-PR_9143.patch @@ -0,0 +1,21 @@ +From a607fe9715106b88511fd664b320ee63f6497ede Mon Sep 17 00:00:00 2001 +From: Vojtech Polasek +Date: Wed, 13 Jul 2022 14:07:25 +0200 +Subject: [PATCH] remove rule from rhel9 ospp + +--- + products/rhel9/profiles/ospp.profile | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/products/rhel9/profiles/ospp.profile b/products/rhel9/profiles/ospp.profile +index 75e5b0f5ed4..4ba874db90f 100644 +--- a/products/rhel9/profiles/ospp.profile ++++ b/products/rhel9/profiles/ospp.profile +@@ -58,7 +58,6 @@ selections: + # sshd + - sshd_use_directory_configuration + - sshd_disable_root_login +- - sshd_enable_strictmodes + - disable_host_auth + - sshd_disable_empty_passwords + - sshd_disable_kerb_auth diff --git a/scap-security-guide.spec b/scap-security-guide.spec index 4e26072..9311d13 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -34,6 +34,7 @@ Patch6: scap-security-guide-0.1.63-update_grub2_macro-PR_8616.pat Patch7: scap-security-guide-0.1.63-add_grub2_systemd_debug-shell_argument_absent-PR_9100.patch Patch8: scap-security-guide-0.1.63-remove_rule_login_defs_min_size-PR_9113.patch Patch9: scap-security-guide-0.1.63-remove_rsyslog_rules_from_rhel9_ospp-PR_9116.patch +Patch10: scap-security-guide-0.1.63-remove_sshd_enable_strictmodes_ospp-PR_9143.patch %description The scap-security-guide project provides a guide for configuration of the @@ -119,6 +120,7 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md - Add rule grub2_systemd_debug-shell_argument_absent (RHBZ#2092840) - Remove rule accounts_password_minlen_login_defs from all profiles (RHBZ#2073040) - Remove rules related to remove logging from RHEL9 OSPP (RHBZ#2105016) +- Remove sshd_enable_strictmodes from OSPP (RHBZ#2105278) * Wed Jun 01 2022 Matej Tyc - 0.1.62-1 - Rebase to a new upstream release (RHBZ#2070563)